MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dcbcba0a0d2a7daa4caf7aa202362278dafacb6b38cab93f1d195ca6ff8f5205. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments

SHA256 hash: dcbcba0a0d2a7daa4caf7aa202362278dafacb6b38cab93f1d195ca6ff8f5205
SHA3-384 hash: 5304c3c02e8f0bbbbab3b167e4ee3057546eff6cdfc1ef6895bbb898d12dda0f1cf48de8687be483b321a241157baaea
SHA1 hash: 8b0013aa15a879ed95206c503bf86d5913ae69a4
MD5 hash: 5025f7062879eb8eaaa11e76e9dde1f3
humanhash: cardinal-golf-white-tango
File name:o
Download: download sample
Signature Mirai
File size:93 bytes
First seen:2026-07-02 23:02:04 UTC
Last seen:2026-07-03 06:01:29 UTC
File type: sh
MIME type:text/plain
ssdeep 3:6X29KDQNUCSnhFVZYRoM8aGBzSEyLTUWvn:NoDW2hviR+IXn
TLSH T176B0124670343040C504B81078B2471D20A78B8004182B0C55FC1221CC68108B4B4985
Magika batch
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://217.60.195.160/gigatex/mipsc9b29956b3aaaf4216865e173b8d581523bfa447eeddf3578d1c158c6ffee527 Miraielf mirai ua-wget

Intelligence


File Origin
# of uploads :
210
# of downloads :
3
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
evasive
Status:
terminated
Behavior Graph:
%3 guuid=df47fc68-1b00-0000-82da-eb101b0f0000 pid=3867 /usr/bin/sudo guuid=1cff726c-1b00-0000-82da-eb10220f0000 pid=3874 /tmp/sample.bin guuid=df47fc68-1b00-0000-82da-eb101b0f0000 pid=3867->guuid=1cff726c-1b00-0000-82da-eb10220f0000 pid=3874 execve guuid=4bd6da6c-1b00-0000-82da-eb10230f0000 pid=3875 /usr/bin/rm guuid=1cff726c-1b00-0000-82da-eb10220f0000 pid=3874->guuid=4bd6da6c-1b00-0000-82da-eb10230f0000 pid=3875 execve guuid=4fe28d6d-1b00-0000-82da-eb10240f0000 pid=3876 /usr/bin/dash guuid=1cff726c-1b00-0000-82da-eb10220f0000 pid=3874->guuid=4fe28d6d-1b00-0000-82da-eb10240f0000 pid=3876 clone guuid=17f2ed6d-1b00-0000-82da-eb10250f0000 pid=3877 /usr/bin/chmod guuid=1cff726c-1b00-0000-82da-eb10220f0000 pid=3874->guuid=17f2ed6d-1b00-0000-82da-eb10250f0000 pid=3877 execve guuid=be568c6e-1b00-0000-82da-eb10260f0000 pid=3878 /usr/bin/dash guuid=1cff726c-1b00-0000-82da-eb10220f0000 pid=3874->guuid=be568c6e-1b00-0000-82da-eb10260f0000 pid=3878 clone
Gathering data
Threat name:
Script.Trojan.Heuristic
Status:
Malicious
First seen:
2026-07-03 02:19:47 UTC
File Type:
Text (Shell)
AV detection:
3 of 38 (7.89%)
Threat level:
  2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh dcbcba0a0d2a7daa4caf7aa202362278dafacb6b38cab93f1d195ca6ff8f5205

(this sample)

  
Delivery method
Distributed via web download

Comments