MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ea4d1306fc9b763a84dd4b1f696ff95bb182d6724dda35cb48f96b0fcd499a42. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments

SHA256 hash: ea4d1306fc9b763a84dd4b1f696ff95bb182d6724dda35cb48f96b0fcd499a42
SHA3-384 hash: dfaf482d2a59d99362bec5f572279a83feba8b64b6a59a89ccfeb20708bc7e5fa1817dc80c4482e5465c02646e2eac45
SHA1 hash: e321f134a701ff5e9f3b4b252ea75566ff5e3615
MD5 hash: b1f940957417fd4b0242ee79439aa9c6
humanhash: network-oven-zebra-michigan
File name:kla.sh
Download: download sample
Signature Mirai
File size:1'389 bytes
First seen:2026-06-11 14:10:25 UTC
Last seen:2026-06-11 17:38:34 UTC
File type: sh
MIME type:text/x-shellscript
ssdeep 24:xjrmKhEH8fEHHsTE1QXcU2VWZaXcU2wWUaXcU2AWkaXcU2FWJM:IKhEcfEnsTE1WcflS3kkT
TLSH T1DA21A6C4129354707CF54C2BA26AC918F6C97A89EEC14E40A0DDF5F5A4CCF45F905A73
TrID 70.0% (.SH) Linux/UNIX shell script (7000/1)
30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://89.32.41.16/bins/pmips37733e5966cf4129c79c419725fbc2f7bcdac446683d966107bb3065d959422f Miraielf mips mirai opendir ua-wget
http://89.32.41.16/bins/pmpsl3af414ef65da7494da9604e1a1dcf1a2a92234a4c8fd2fa11bb292970ea4282e Miraielf mips mirai opendir ua-wget
http://89.32.41.16/bins/parm826a786afce30c67495d60799ae38d1604bea4732476253a3aab81e1dd5d44f0 Miraielf mirai ua-wget
http://89.32.41.16/bins/parm7603afabe0bd67f9c66c1680b0e8c1c2d2b319053aeaf41a8b2380530ebf3719c Miraielf mirai ua-wget

Intelligence


File Origin
# of uploads :
2
# of downloads :
64
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
busybox evasive
Verdict:
Malicious
File Type:
unix shell
First seen:
2026-06-11T09:31:00Z UTC
Last seen:
2026-06-12T18:38:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan-Downloader.Shell.Agent.p
Verdict:
Malicious
Threat:
Trojan-Downloader.Shell.Agent
Threat name:
Script.Trojan.Multiverze
Status:
Malicious
First seen:
2026-06-11 14:10:57 UTC
File Type:
Text (Shell)
AV detection:
10 of 24 (41.67%)
Threat level:
  5/5
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh ea4d1306fc9b763a84dd4b1f696ff95bb182d6724dda35cb48f96b0fcd499a42

(this sample)

  
Delivery method
Distributed via web download

Comments