MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f28af739fa05be18a5de624e84c3fe7fbc86b41bb34856de64c9641d3b22abde. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: f28af739fa05be18a5de624e84c3fe7fbc86b41bb34856de64c9641d3b22abde
SHA3-384 hash: accb2663b994ff9c5935ad1f9beb55ba02c41ed176b65d68d67fb23fbcc148458e6edcf679419ef7ed011ac926d86699
SHA1 hash: 27f9a4f6bf4ee66bc212dd79e2d9dc0b3da8ad33
MD5 hash: ab6c4b6a54da2c8673ee2d68163e94ed
humanhash: violet-monkey-undress-red
File name:massload
Download: download sample
Signature Mirai
Create hunting rule
File size:1'190 bytes
First seen:2025-09-08 15:56:36 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 24:boWBGhBh9Mk8Qokw5S2x5oV2tKXbatkk0:boGGhL8QoMQtuat/0
TLSH T106219ACEF592D3B10D9C8E00A1D2C826A01A6BD710A08D6CB89F1CB5BD6CE51F059BB1
Magika shell
Reporter abuse_ch
Tags:mirai sh
URLMalware sample (SHA256 hash)SignatureTags
http://160.250.134.51/mips7cd5fb5b6d94ac2acf16f8904f6f307f47710df1d51129d55e70590a52dcf823 Mirai32-bit elf gafgyt mirai Mozi
http://160.250.134.51/mpsle4acbf0a1448e928ea7714cf90692001c454b37d78b13a955f475568b36bbaec Miraielf mirai ua-wget
http://160.250.134.51/arm8a235a9336092da5a5fd75dc7c04bf109a796cab8cbe52666f972c2c5f3ff285 Mirai32-bit elf mirai Mozi
http://160.250.134.51/arm516877e8cab68f6d6a557b0bee1e41a6d938997cb31a62cfe017ed21867b41801 Miraielf mirai ua-wget
http://160.250.134.51/arm70fd1878b69312fbf748d3be8ba65b3431083985fcfe65a3b32a74a8ef69cdf89 Miraielf mirai ua-wget

Intelligence

File Origin
# of uploads :
1
# of downloads :
29
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Labled as:
Trojan[Downloader]/Shell.Agent
Link:
https://www.hybrid-analysis.com/sample/f28af739fa05be18a5de624e84c3fe7fbc86b41bb34856de64c9641d3b22abde
Verdict:
Malicious
File Type:
unix shell
First seen:
2025-09-08T13:48:00Z UTC
Last seen:
2025-09-08T13:48:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/f28af739fa05be18a5de624e84c3fe7fbc86b41bb34856de64c9641d3b22abde/results?tab=lookup
Score:
93%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/f28af739fa05be18a5de624e84c3fe7fbc86b41bb34856de64c9641d3b22abde
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/f28af739fa05be18a5de624e84c3fe7fbc86b41bb34856de64c9641d3b22abde/
Threat name:
Linux.Trojan.Vigorf
Create hunting rule
Status:
Malicious
First seen:
2025-09-08 15:22:20 UTC
File Type:
Text (Shell)
AV detection:
15 of 38 (39.47%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=6kfpoop2aw7brjo6mjhijq76p66inna3wnefnxtezfsb2ozcvppa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.31
Link:
https://yomi.yoroi.company/submissions/f28af739fa05be18a5de624e84c3fe7fbc86b41bb34856de64c9641d3b22abde

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh f28af739fa05be18a5de624e84c3fe7fbc86b41bb34856de64c9641d3b22abde

(this sample)

Mirai

elf 08fc70dcc2fee6611b7f92c7153d39a7ae8cdc672151af202e92cc913443901f

  
URLhaus
https://urlhaus.abuse.ch/url/3620091/
  
Delivery method
Distributed via web download
  
Dropping
MD5 2e687d0139d6a6a44f90a09c765c5f5b
  
Dropping
SHA256 08fc70dcc2fee6611b7f92c7153d39a7ae8cdc672151af202e92cc913443901f

Comments