MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f79b0f4f0360ba3f509d1927c9abdff740a48a765696bed2e5a6c15b3784cf20. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Mirai

Vendor detections: 8

Intelligence 8 IOCs YARA File information Comments

SHA256 hash:	f79b0f4f0360ba3f509d1927c9abdff740a48a765696bed2e5a6c15b3784cf20
SHA3-384 hash:	63e1693d2752910d236f5bfbcb8716b04368f7bc2b0c82446b7d79b4b56d18ad042f3dced483ecc6369748169855eba8
SHA1 hash:	da99c123818166273bf1b3709d3adbbe6bc95d9a
MD5 hash:	e5d7648dbbd90ad3835ea700e4325de8
humanhash:	skylark-river-purple-maryland
File name:	sh
Download:	download sample
Signature	Mirai Create hunting rule
File size:	268 bytes
First seen:	2026-01-18 17:57:45 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	6:/VJ+pUKUF2RVYTeinYf53IUy5p3FsDKVKAOXqIKa03IKq1IEE1IKBKW:/VJ+jRPEY5WgAsONI08W
TLSH	T1C5D02E0CF8030CB3B4348CF9BBDB24A4DA0FA21C2B0A65C92288221FE4F0C60A020623
Magika	shell
Reporter	abuse_ch
Tags:	mirai sh

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

No detections

Detection(s):

SecuriteInfo.com.Linux.DownLoader.1424.23314.14852.UNOFFICIAL

Verdict:

Likely Malicious

Threat level:

7.5/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/696d2b73fdafd7624ab03c1a/reports/1c11ec17-8de6-4256-b553-aa3e82263036/overview

Verdict:

Malicious

Labled as:

Bash.MiraiB.Generic

Link:

https://www.hybrid-analysis.com/sample/f79b0f4f0360ba3f509d1927c9abdff740a48a765696bed2e5a6c15b3784cf20

Verdict:

Malicious

File Type:

ps1

First seen:

2026-01-18T15:03:00Z UTC

Last seen:

2026-01-19T12:53:00Z UTC

Hits:

~10

Detections:

Trojan-Downloader.Shell.Agent.bi HEUR:Trojan-Downloader.Shell.Agent.p

Link:

https://opentip.kaspersky.com/f79b0f4f0360ba3f509d1927c9abdff740a48a765696bed2e5a6c15b3784cf20/results?tab=lookup

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/66e0a6c3-3d84-40b7-9431-76724e20403d

Behavior Graph:

Download SVG

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/f79b0f4f0360ba3f509d1927c9abdff740a48a765696bed2e5a6c15b3784cf20

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/f79b0f4f0360ba3f509d1927c9abdff740a48a765696bed2e5a6c15b3784cf20/

Verdict:

Malicious

Threat:

Trojan-Downloader.Shell.Agent

Link:

https://tip.neiki.dev/file/f79b0f4f0360ba3f509d1927c9abdff740a48a765696bed2e5a6c15b3784cf20

Threat name:

Linux.Downloader.MiraiB

Status:

Malicious

First seen:

2026-01-18 17:50:39 UTC

File Type:

Text (Shell)

AV detection:

12 of 36 (33.33%)

Threat level:

3/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=66nq6tydmc5d6ue5det4tk6765akjctwk2ll5uxfu3avwn4ez4qa._file

Result

Malware family:

n/a

Score:

3/10

Tags:

n/a

Link:

https://tria.ge/reports/260118-xg5fbsdv6d/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

sh f79b0f4f0360ba3f509d1927c9abdff740a48a765696bed2e5a6c15b3784cf20

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3759818/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample