MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 03b370db936066bc42a830b10e258123957310145093e581061b3a5773a73b21. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 03b370db936066bc42a830b10e258123957310145093e581061b3a5773a73b21
SHA3-384 hash: 70b3289b7df6a32c0e7d1adf4295b7c2325e0cc4b98cd6b3512f60adcf23bef4f776d08fa3bd82c890c06ec142aea2e9
SHA1 hash: f24e5df6ab59cd84a3e976ba4539e471be31e978
MD5 hash: 53079341640e736a9de01f5f1f81b9db
humanhash: delta-twelve-finch-sad
File name:tp
Download: download sample
File size:241 bytes
First seen:2025-01-18 11:16:01 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 3:TKH4vEbJTAJvUdRNqUX9EHvvX44FpvWXF+3FELcUFF2TDNa5YnFNFROSa4FNFQO2:h0J8JaqPP4OWY3Fqj/q4YFNT5NWO2
TLSH T10DD0A79A9286001A1C059FC991734C50BB0DB0C659B319F5BD4DA15F1795D6124E15B4
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
77
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.DownLoader.2243.5620.9083.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
92.5%
Link:
https://cyber-fortress.com/docs/result/index.php?id=678bfa394487910100e0ab74linux22vpnfull_triage
Tags:
gafgyt mirai
Verdict:
Malicious
Labled as:
Bash.MiraiB.Generic
Link:
https://www.hybrid-analysis.com/sample/03b370db936066bc42a830b10e258123957310145093e581061b3a5773a73b21
Result
Verdict:
MALICIOUS
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/03b370db936066bc42a830b10e258123957310145093e581061b3a5773a73b21
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/03b370db936066bc42a830b10e258123957310145093e581061b3a5773a73b21/
Threat name:
Script-Shell.Trojan.Dakkatoni
Create hunting rule
Status:
Malicious
First seen:
2025-01-18 12:02:32 UTC
File Type:
Text (Shell)
AV detection:
11 of 38 (28.95%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=aozxbw4tmbtlyqvigcyq4jmbeokxgeaukcj6laigdm5fo45hhmqq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.31
Link:
https://yomi.yoroi.company/submissions/03b370db936066bc42a830b10e258123957310145093e581061b3a5773a73b21

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 03b370db936066bc42a830b10e258123957310145093e581061b3a5773a73b21

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3400764/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3400816/

Comments