MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ffc06c389aee18730f939be78e9cc436e20887bce312d97ba55a424262ef11d2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	ffc06c389aee18730f939be78e9cc436e20887bce312d97ba55a424262ef11d2
SHA3-384 hash:	4dd6142fdb37b8594de3f4f3f8d792671ab0027c7f90b927ea7a83631feef3a52e79543a0aaa5a4bdb502647c57127c5
SHA1 hash:	53ab9169af60c7460d931f45f1ccf7c045a6e30e
MD5 hash:	987ae39ee6f926b2f25605046afca3ae
humanhash:	lactose-ack-mango-pluto
File name:	byte
Download:	download sample
File size:	293 bytes
First seen:	2025-10-19 20:47:54 UTC
Last seen:	2025-10-21 04:29:22 UTC
File type:	sh
MIME type:	text/x-shellscript
ssdeep	6:hftJ+pUKUF2RVYx8iHYf53IeRd3FoF/fkVKhOXqIKXD73IKX+N1IEWYq1IKBKW:ZtJ+jRE8KYLkF0ghsOTh4WYO8W
TLSH	T1BCE0C299F8520C3678788CB9B7DB2491A50BA20E6E0A558E3189520BAAE4950A050893
Magika	shell
Reporter	juroots
Tags:	sh

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Linux.Downloader-23.UNOFFICIAL

Verdict:

Likely Malicious

Threat level:

7.5/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/68f54ebdc85c5c56972e4786/reports/34ce6655-a18a-4cb2-a9db-1ee2634250a0/overview

Verdict:

Malicious

Labled as:

Bash.MiraiB.Generic

Link:

https://www.hybrid-analysis.com/sample/ffc06c389aee18730f939be78e9cc436e20887bce312d97ba55a424262ef11d2

Verdict:

Malicious

File Type:

unix shell

First seen:

2025-10-19T18:49:00Z UTC

Last seen:

2025-10-21T18:33:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/ffc06c389aee18730f939be78e9cc436e20887bce312d97ba55a424262ef11d2/results?tab=lookup

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/32a69f7b-f955-4f20-9348-0f3f91e4a3ad

Behavior Graph:

Download SVG

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/ffc06c389aee18730f939be78e9cc436e20887bce312d97ba55a424262ef11d2

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/ffc06c389aee18730f939be78e9cc436e20887bce312d97ba55a424262ef11d2/

Threat name:

Linux.Downloader.MiraiB

Status:

Malicious

First seen:

2025-10-19 21:10:39 UTC

AV detection:

15 of 38 (39.47%)

Threat level:

3/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=77agyoe25ymhgd4ttpty5hgeg3rarb544mjns65fljbeeyxpchja._file

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Suspicious File

Score:

0.37

Link:

https://yomi.yoroi.company/submissions/ffc06c389aee18730f939be78e9cc436e20887bce312d97ba55a424262ef11d2

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh ffc06c389aee18730f939be78e9cc436e20887bce312d97ba55a424262ef11d2

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3682072/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample