MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 02419de92a33a88bc17701008182ca9f7ea8d4645311b837b98738acdea83254. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information 1 Yara Comments

SHA256 hash: 02419de92a33a88bc17701008182ca9f7ea8d4645311b837b98738acdea83254
SHA3-384 hash: fb3d1adce724280625a260ebe3ec3f7b23e2949c68ffee330701028383bbeb10cf0bf2a1d3ab1cc87979104c60c1c93e
SHA1 hash: cc485809238308e567265b5551a5dd691abc8683
MD5 hash: 83ac08216d56725718ed7f0b4d5606d2
humanhash: august-triple-papa-robert
File name:tmpccfb1_maxko.sh
Download: download sample
Signature n/a
File size:100 bytes
First seen:2020-04-13 05:58:59 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 3:GRF/cNMLWOFDOSaMFeiB5mYSv:S/cNqDVvB4J
TLSH 7EB0124E73622F0033018F0C37F18430D000C1C4911B428DD4FC042D60CC97D322011D
Reporter @defconisov3r
Tags:sh

Intelligence


Mail intelligence No data
# of uploads 1
# of downloads 1'822
Origin country FR FR
ClamAV No detection
CERT.PL MWDB Gathering data
ReversingLabs :Status:Malicious
Threat name:Script-Shell.Downloader.Generic
First seen:2020-04-13 06:36:05 UTC
AV detection:2 of 45 (4.44%)
Threat level:   2/5
VirusTotal:Virustotal results 3.33%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments