MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4ac02fd9af61d70b89b79e011837194f4b1d67038d17ab77643aeeccbae0e2b9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 4ac02fd9af61d70b89b79e011837194f4b1d67038d17ab77643aeeccbae0e2b9
SHA3-384 hash: 682cefd574af5e0dc4693cb500b3c4aefbcca2cfb4bba03f7d229c8e2662c11cd52280b5fc30b9320cfbce48484db56a
SHA1 hash: 6635a794259ad9de855f124c45950dde2f58bcec
MD5 hash: f6e6e6ae1ebb2e1a6b5740551675bc94
humanhash: jupiter-table-lactose-louisiana
File name:j.sh
Download: download sample
File size:206 bytes
First seen:2026-02-13 11:52:23 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 6:hiiQE0JI+7Axip1uCGFH+dWZ5y9FnQEc5:ciUJqQpMCGFH1ZYo
TLSH T1BBD023C514319F63BC8DCDB0FA2710FDE004724064C50C44E8431857401F1D5B42552E
TrID 70.0% (.SH) Linux/UNIX shell script (7000/1)
30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
28
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/698f10ae2ffccda0976f15f5/reports/527c7998-1921-4098-8473-ffd7bf5bff1a/overview
Result
Gathering data
Verdict:
Malicious
File Type:
unix shell
Detections:
Trojan-Downloader.Shell.Agent.bi
Link:
https://opentip.kaspersky.com/4ac02fd9af61d70b89b79e011837194f4b1d67038d17ab77643aeeccbae0e2b9/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/2fe2bee7-d0a4-46a6-a3b9-0119928641d2
Behavior Graph:
Download SVG
%3 guuid=967beebe-1600-0000-eb15-88e5b90c0000 pid=3257 /usr/bin/sudo guuid=80bb73c1-1600-0000-eb15-88e5c20c0000 pid=3266 /tmp/sample.bin guuid=967beebe-1600-0000-eb15-88e5b90c0000 pid=3257->guuid=80bb73c1-1600-0000-eb15-88e5c20c0000 pid=3266 execve
Score:
98%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/4ac02fd9af61d70b89b79e011837194f4b1d67038d17ab77643aeeccbae0e2b9
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/4ac02fd9af61d70b89b79e011837194f4b1d67038d17ab77643aeeccbae0e2b9/
Verdict:
Malicious
Threat:
Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/4ac02fd9af61d70b89b79e011837194f4b1d67038d17ab77643aeeccbae0e2b9
Threat name:
Script-Shell.Malware.MiraiB
Create hunting rule
Status:
Malicious
First seen:
2026-02-13 11:53:24 UTC
File Type:
Text (Shell)
AV detection:
3 of 36 (8.33%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=jlac7wnpmhlqxcnxtyarqnyzj5fr2zydrul2w53ehlxmzoxa4k4q._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/260213-n2fg9sds9c/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/4ac02fd9af61d70b89b79e011837194f4b1d67038d17ab77643aeeccbae0e2b9

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 4ac02fd9af61d70b89b79e011837194f4b1d67038d17ab77643aeeccbae0e2b9

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3777095/
  
Delivery method
Distributed via web download

Comments