MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 083fcecbe81d2d8312afa5f2ea3a18c9e4d295f0f5e5064497f70a07054b7931. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	083fcecbe81d2d8312afa5f2ea3a18c9e4d295f0f5e5064497f70a07054b7931
SHA3-384 hash:	560bd29fcac94737d1155ccfe6d2fdb71da76224384cc0f0224a668c9ebc911d1966898ab7b6ce3d3be2ae96a5afab4a
SHA1 hash:	236e64584c15623b621f812e862e5aeee5651f96
MD5 hash:	8e3f8addc54e753c481f023cd9f0ef87
humanhash:	jersey-venus-alabama-johnny
File name:	baby.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	2'550 bytes
First seen:	2025-10-20 04:32:39 UTC
Last seen:	Never
File type:	sh
MIME type:	text/x-shellscript
ssdeep	48:vkivkTTkMbkHrkZbktnkq7Rk6jkVXkAc6k8Y82khrkUnkuBkNw:v9mD2YcF9M7lJ2ez1N
TLSH	T1F751AECD31A10A34AC67D9B633A658CE318D58AEB9C1BF0C48DCB4E4E14FF492480647
Magika	shell
Reporter	abuse_ch
Tags:	mirai sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

53

Origin country :

DE

Vendor Threat Intelligence

ClamAV Detected

Detection(s):

Sanesecurity.Malware.30790.LX.BOT.UNOFFICIAL

Alert

Create hunting rule

SecuriteInfo.com.Linux.Downloader-29.UNOFFICIAL

Alert

Create hunting rule

SecuriteInfo.com.Linux.Downloader-6.UNOFFICIAL

Alert

Create hunting rule

Kaspersky OpenTIP Malicious

Verdict:

Malicious

File Type:

unix shell

First seen:

2025-10-20T02:01:00Z UTC

Last seen:

2025-10-20T02:35:00Z UTC

Hits:

~10

Detections:

HEUR:Trojan-Downloader.Shell.Agent.p HEUR:Trojan-Downloader.Shell.Agent.gen HEUR:Trojan-Downloader.Shell.Agent.a

Link:

https://opentip.kaspersky.com/083fcecbe81d2d8312afa5f2ea3a18c9e4d295f0f5e5064497f70a07054b7931/results?tab=lookup

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/6e2b6a5f-106c-41ed-8863-5e8a0de79287

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/083fcecbe81d2d8312afa5f2ea3a18c9e4d295f0f5e5064497f70a07054b7931

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/083fcecbe81d2d8312afa5f2ea3a18c9e4d295f0f5e5064497f70a07054b7931/

Neiki Family.MIRAI

Verdict:

Malicious

Threat:

Family.MIRAI

Link:

https://tip.neiki.dev/file/083fcecbe81d2d8312afa5f2ea3a18c9e4d295f0f5e5064497f70a07054b7931

ReversingLabs TitaniumCloud Linux.Downloader.Morila

Threat name:

Linux.Downloader.Morila

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-10-20 04:33:26 UTC

File Type:

Text (Shell)

AV detection:

23 of 37 (62.16%)

Threat level:

  3/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=ba745s7iduwygevpuxzouoqyzhsnffpq6xsqmrex64faobklpeyq._file

Hatching Triage mirai

Result

Malware family:

mirai

Alert

Create hunting rule

Score:

  10/10

Tags:

family:mirai botnet:lzrd antivm botnet defense_evasion discovery linux upx

Link:

https://tria.ge/reports/251020-e6qdlaznhk/

Behaviour

Reads runtime system information

System Network Configuration Discovery

Writes file to tmp directory

Checks CPU configuration

UPX packed file

Enumerates running processes

Writes file to system bin folder

File and Directory Permissions Modification

Executes dropped EXE

Modifies Watchdog functionality

Mirai

Mirai family

VMRay Mirai

Malware family:

Mirai

Alert

Create hunting rule

Verdict:

Malicious

Link:

https://www.vmray.com/analyses/_mb/083fcecbe81d/report/overview.html

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Suspicious File

Threat name:

Suspicious File

Score:

0.39

Link:

https://yomi.yoroi.company/submissions/083fcecbe81d2d8312afa5f2ea3a18c9e4d295f0f5e5064497f70a07054b7931