MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c17844637e23cedfa3500051be67dde8efd4f82cc3cce4116115d786a3bcb8f4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c17844637e23cedfa3500051be67dde8efd4f82cc3cce4116115d786a3bcb8f4
SHA3-384 hash: 754c21098f8807e529be58fd0cacd726c7027edf5711589b73ad22a96863f1e434249308ab20207e47659c459cdd4676
SHA1 hash: f5172aa2dbbd3efb1345aab843f8d6e75fa38919
MD5 hash: d3215f9366d703663cb1375ce7059261
humanhash: spring-foxtrot-beryllium-lamp
File name:bins.sh
Download: download sample
File size:328 bytes
First seen:2026-02-16 08:14:05 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 6:hd2Pr0OXOZYzBqlQXZRlzTjafaqUZtL57bNwb:X2jOZYzYlE/jaC3THGb
TLSH T15FE02B5420673596BE531E10762BBBD135806C45EA10183EE3B9BF234CBCF017B0E971
TrID 70.0% (.SH) Linux/UNIX shell script (7000/1)
30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
49
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.Linux.Mirai-82.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.Linux.Downloader-2.UNOFFICIAL
Create hunting rule

Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6992d1d5930564ff3ca31385/reports/e4abc389-d01b-4d42-b7f4-2e1b17b3d4f7/overview
Verdict:
Malicious
File Type:
unix shell
Detections:
Trojan-Downloader.Shell.Agent.bi HEUR:Trojan-Downloader.Shell.Mirai.a
Link:
https://opentip.kaspersky.com/c17844637e23cedfa3500051be67dde8efd4f82cc3cce4116115d786a3bcb8f4/results?tab=lookup
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c17844637e23cedfa3500051be67dde8efd4f82cc3cce4116115d786a3bcb8f4/
Verdict:
Malicious
Threat:
Trojan-Downloader.Shell.Mirai
Link:
https://tip.neiki.dev/file/c17844637e23cedfa3500051be67dde8efd4f82cc3cce4116115d786a3bcb8f4
Threat name:
Linux.Trojan.Dakkatoni
Create hunting rule
Status:
Malicious
First seen:
2026-02-16 09:10:44 UTC
AV detection:
13 of 24 (54.17%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=yf4eiy36ephn7i2qabi34z655dx5j6bmypgoielbcxlyni54xd2a._file
Result
Malware family:
n/a
Score:
  7/10
Tags:
defense_evasion discovery linux
Link:
https://tria.ge/reports/260216-j422tshz4a/
Behaviour
System Network Configuration Discovery
Writes file to tmp directory
File and Directory Permissions Modification
Executes dropped EXE
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.05
Link:
https://yomi.yoroi.company/submissions/c17844637e23cedfa3500051be67dde8efd4f82cc3cce4116115d786a3bcb8f4

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh c17844637e23cedfa3500051be67dde8efd4f82cc3cce4116115d786a3bcb8f4

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3776974/
  
Delivery method
Distributed via web download

Comments