MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b96697c4740f52ed87b1a986dddb5dd6ab8dfc59368394f659c82bd2b3c44aa4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Gafgyt


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: b96697c4740f52ed87b1a986dddb5dd6ab8dfc59368394f659c82bd2b3c44aa4
SHA3-384 hash: 6f826b3e901d01577da0428a044c490e377fcab8fd0967268c700371c9cb149a62e9283b88efab916d9d74946022143a
SHA1 hash: 67c94eb5e696d916934003d1a0264520153c8abf
MD5 hash: ecffd6580d4155911f21939788c98a08
humanhash: fix-mountain-glucose-washington
File name:tp
Download: download sample
Signature Gafgyt
Create hunting rule
File size:290 bytes
First seen:2025-01-14 20:57:11 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 6:h0J8JaiGHMFhHoFhExWY3Fqj/q4YFNT5NW:iGJ/GsFhHoFh+WfDYjS
TLSH T16DD02B5E8156052B1C458FDCD1330C21FB29B1C514731FA9FF4EB17F7799820A4A16A4
Magika shell
Reporter abuse_ch
Tags:gafgyt sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
114
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Linux.DownLoader.2243.11599.9954.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6787efebaa9c8e7858deeafclinux22vpnfull_triage
Tags:
phishing gafgyt mirai
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6786cfdaf6ef415507db84a0/reports/42da357a-6afc-463d-a940-a3f921668209/overview
Verdict:
Malicious
Labled as:
Bash.MiraiB.Generic
Link:
https://www.hybrid-analysis.com/sample/b96697c4740f52ed87b1a986dddb5dd6ab8dfc59368394f659c82bd2b3c44aa4
Result
Verdict:
MALICIOUS
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/b96697c4740f52ed87b1a986dddb5dd6ab8dfc59368394f659c82bd2b3c44aa4
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/b96697c4740f52ed87b1a986dddb5dd6ab8dfc59368394f659c82bd2b3c44aa4/
Threat name:
Script-Shell.Trojan.Dakkatoni
Create hunting rule
Status:
Malicious
First seen:
2025-01-14 21:06:41 UTC
File Type:
Text (Shell)
AV detection:
15 of 38 (39.47%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=xftjprdub5jo3b5rvgdn3w2522vy37czg2bzj5szzav5fm6ejksa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/b96697c4740f52ed87b1a986dddb5dd6ab8dfc59368394f659c82bd2b3c44aa4

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Gafgyt

sh b96697c4740f52ed87b1a986dddb5dd6ab8dfc59368394f659c82bd2b3c44aa4

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3400764/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3400816/

Comments