MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 06d7d759b71468b4cc8fbb80da69572ee656d41ead214c68b7aecb41d127277a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	06d7d759b71468b4cc8fbb80da69572ee656d41ead214c68b7aecb41d127277a
SHA3-384 hash:	6d4cbe1035f27da720b449c8c282d2b882d05182ca4c2485b9475d123d138379893685cb1dcbc4bece93029753d614cb
SHA1 hash:	b2225045bda1418b72a2263cae00b026d43133bf
MD5 hash:	b84b62dfcc28b859e58b5a1f70668270
humanhash:	cardinal-potato-spring-east
File name:	4044.zip
Download:	download sample
File size:	86'717 bytes
First seen:	2026-03-16 17:23:03 UTC
Last seen:	Never
File type:	php
MIME type:	text/x-php
ssdeep	1536:0WIOJj+1qn6juIsRTh6zTlIg45z+/IgZTqbfSxk6AJSrhuFvhTSKBfpzPi0KRymw:0ioPAOXB/DFjW
TLSH	T1878397A3D6EF875156045DE224ADF04C72A3DE1BE5739C918B80E1F6092BC31BAE3752
Magika	txt
Reporter	juroots
Tags:	php zip

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

No detections

Detection(s):

SecuriteInfo.com.Trojan.PHP.Agent.aee.31444.971.UNOFFICIAL

Verdict:

Malicious

Score:

81.4%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69b83c8a93b644ca466aab58

Tags:

virus shell agent

Verdict:

Likely Malicious

Threat level:

7.5/10

Confidence:

100%

Tags:

masquerade php

Link:

https://www.filescan.io/uploads/69b83c862000fc76c3e2fdaa/reports/6a12e44b-2dd9-4204-ac31-e155a9b81eb2/overview

Verdict:

Malicious

Labled as:

PHP/Agent.YG trojan

Link:

https://www.hybrid-analysis.com/sample/06d7d759b71468b4cc8fbb80da69572ee656d41ead214c68b7aecb41d127277a

Verdict:

Malicious

File Type:

First seen:

2025-02-28T15:09:00Z UTC

Last seen:

2025-12-07T20:29:00Z UTC

Hits:

~100

Link:

https://opentip.kaspersky.com/06d7d759b71468b4cc8fbb80da69572ee656d41ead214c68b7aecb41d127277a/results?tab=lookup

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/06d7d759b71468b4cc8fbb80da69572ee656d41ead214c68b7aecb41d127277a/

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=a3l5ownxcruljtepxoanu2kxf3tfnva6vuquy2fxv3fudujhe55a._file

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/06d7d759b71468b4cc8fbb80da69572ee656d41ead214c68b7aecb41d127277a

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample