MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 70f17fa4dfb42d1487466f5ac56b954f301ff48398fbf0a87b2fdebcb5a3bb59. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	70f17fa4dfb42d1487466f5ac56b954f301ff48398fbf0a87b2fdebcb5a3bb59
SHA3-384 hash:	2b81b3f526d6f487b69942b3247e7dc8dfbdf8e7737d10cb79dc6595b503c97d88db16f62c69173d4466c8a4061aafac
SHA1 hash:	1a6b4221676ed9c7b65e7696348d05d63d83e335
MD5 hash:	0f36442574e4029bb33acf9418fad1ae
humanhash:	arizona-magnesium-india-seven
File name:	goahead
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	1'074 bytes
First seen:	2025-09-08 16:34:31 UTC
Last seen:	2025-09-09 14:41:30 UTC
File type:	sh
MIME type:	text/plain
ssdeep	24:IiScySSWkKaxVUyCCoQ0NeXYH0OzYK8KNIyZklQIGyBr:IiPybWkKaxiyCCoQ0NeXw0OzY76ZklQ6
TLSH	T18C11E2DE6861B541440A7F8461F23734B811D1D123A0AF8DEED82EB587CCE2071F9BC5
Magika	javascript
Reporter	abuse_ch
Tags:	sh

Intelligence

---

File Origin

# of uploads :

4

# of downloads :

29

Origin country :

DE

Vendor Threat Intelligence

Hybrid Analysis TrojanDownloader/Linux.Agent

Verdict:

Malicious

Labled as:

TrojanDownloader/Linux.Agent

Link:

https://www.hybrid-analysis.com/sample/70f17fa4dfb42d1487466f5ac56b954f301ff48398fbf0a87b2fdebcb5a3bb59

Kaspersky OpenTIP Malicious

Verdict:

Malicious

File Type:

text

First seen:

2025-09-08T14:32:00Z UTC

Last seen:

2025-09-08T14:32:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/70f17fa4dfb42d1487466f5ac56b954f301ff48398fbf0a87b2fdebcb5a3bb59/results?tab=lookup

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/479a5287-e25f-4096-ab35-34fed8cb6664

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/70f17fa4dfb42d1487466f5ac56b954f301ff48398fbf0a87b2fdebcb5a3bb59

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/70f17fa4dfb42d1487466f5ac56b954f301ff48398fbf0a87b2fdebcb5a3bb59/

ReversingLabs TitaniumCloud Document-HTML.Downloader.Heuristic

Threat name:

Document-HTML.Downloader.Heuristic

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-09-08 17:16:53 UTC

File Type:

Text (Shell)

AV detection:

18 of 38 (47.37%)

Threat level:

  2/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=odyx7jg7wqwrjb2gn5nmk24vj4yb75edtd57bkd3f7plznndxnmq._file

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/70f17fa4dfb42d1487466f5ac56b954f301ff48398fbf0a87b2fdebcb5a3bb59