MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fce021d3d746aa9bbdfbabe382971f249bf957d9cfb28e78a07028745e607147. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	fce021d3d746aa9bbdfbabe382971f249bf957d9cfb28e78a07028745e607147
SHA3-384 hash:	d6ff65c784dad361c34f091ed4da62a4d37cf4e739acdc02ce41757c690455b77de69b57090beb7b4dd66e716a417842
SHA1 hash:	f9dff31ac2328c458f9237280209f72d67a37887
MD5 hash:	28bf4437e6125e42da3aabac42d3c459
humanhash:	foxtrot-cardinal-island-mars
File name:	c.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	723 bytes
First seen:	2026-01-13 02:39:00 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	12:3J3UUOpUU6AUUiNIl5yUUP0LKFUUrMBMUUuOqUUAjIUUcRUUVSyUU5eTt4xUUWTI:3J3NbNI7pKAe1TDyt4csn
TLSH	T1F201ADACF4F7A543E6289E88F0F6806A9001C1C93DB3CD55E82D9C3948F75143054F6B
Magika	shell
Reporter	abuse_ch
Tags:	sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

70

Origin country :

DE

Vendor Threat Intelligence

ACCE Unknown

No detections

ClamAV Detected

Detection(s):

SecuriteInfo.com.Linux.Downloader-33.UNOFFICIAL

Alert

Create hunting rule

FileScan.IO Malicious

Verdict:

Malicious

Threat level:

  10/10

Confidence:

100%

Tags:

mirai

Link:

https://www.filescan.io/uploads/6965b05cb5214ecba5ee2eca/reports/e370299c-51c2-42f2-8be7-fe5ff4a40ad3/overview

Kaspersky OpenTIP Malicious

Verdict:

Malicious

File Type:

text

First seen:

2026-01-12T20:10:00Z UTC

Last seen:

2026-01-13T00:12:00Z UTC

Hits:

~10

Detections:

HEUR:Trojan-Downloader.Shell.Agent.a

Link:

https://opentip.kaspersky.com/fce021d3d746aa9bbdfbabe382971f249bf957d9cfb28e78a07028745e607147/results?tab=lookup

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/9d1e77cf-b931-488e-87e4-ac3a9650d08e

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/fce021d3d746aa9bbdfbabe382971f249bf957d9cfb28e78a07028745e607147

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/fce021d3d746aa9bbdfbabe382971f249bf957d9cfb28e78a07028745e607147/

Neiki Trojan-Downloader.Shell.Agent

Verdict:

Malicious

Threat:

Trojan-Downloader.Shell.Agent

Link:

https://tip.neiki.dev/file/fce021d3d746aa9bbdfbabe382971f249bf957d9cfb28e78a07028745e607147

ReversingLabs TitaniumCloud Document-HTML.Worm.Mirai

Threat name:

Document-HTML.Worm.Mirai

Alert

Create hunting rule

Status:

Malicious

First seen:

2026-01-13 02:00:38 UTC

File Type:

Text (Shell)

AV detection:

13 of 24 (54.17%)

Threat level:

  5/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=7tqcdu6xi2vjxpp3vpryffy7esn7sv6zz6zi46faoauhixtaofdq._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/260113-c5gzqafy6h/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/fce021d3d746aa9bbdfbabe382971f249bf957d9cfb28e78a07028745e607147