MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 301190fb054b34bafe50a1358b993c05b92909d7b6c3855b4cc2c585a7a36377. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6



SHA256 hash: 301190fb054b34bafe50a1358b993c05b92909d7b6c3855b4cc2c585a7a36377
SHA3-384 hash: 74df378d02975ff528828dd6d7b718dc6a9758d1588cd4aa1050e6a7db77b2b761089efc4a16541e3f13c20610c3eedf
SHA1 hash: 01e7c44302d26114ef4510c9b6adbfaf48faef5f
MD5 hash: 12dbb3d87a51f1ce9b6a8dc67c6e6cc5
humanhash: mike-bakerloo-uncle-thirteen
File name: sh
File size: 292 bytes
First seen: 2026-02-02 06:29:29 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 6:/VJ+pUKUFAmVYsZJLUPYjFzxEIonF+3FYKo1KXGVKGuWOXqIN3Ikr1IEx1IQ:/VJ+3mboYjFzsnKo1fgzWs3rN
TLSH: T1D2E02B48F8824CBAF47C4CA8FA9B2947D55FC7590D4211C95681111BF4E5DB0A122B77
Magika: txt
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
Number of uploads: 1
Number of downloads: 107
Origin country: DE
Vendor Threat Intelligence
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Result
Status: terminated
Behavior Graph: /usr/bin/sudo (pid=3174) -> execve -> /tmp/sample.bin (pid=3175)
Threat name: Linux.Downloader.MiraiB
Status: Malicious
First seen: 2026-02-02 07:15:20 UTC
File Type: Text (Shell)
AV detection: 13 of 36 (36.11%)
Threat level: 3/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download: sh 301190fb054b34bafe50a1358b993c05b92909d7b6c3855b4cc2c585a7a36377 (this sample)

Delivery method: Distributed via web download

Comments