MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0c93de2d78b508b065fcb9dd0224b02b4b21c3db0ae905e0da2c42135edf314d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0c93de2d78b508b065fcb9dd0224b02b4b21c3db0ae905e0da2c42135edf314d
SHA3-384 hash: f7372050bc1f487204fc7ef207e4e723ea1de5ef30c5a7194d30489ef98c0f9e2b1fc9e380ab04eb79d8e8b134b776f6
SHA1 hash: 5d468a19aca9ab6f3da939bb403763bb2d54b82c
MD5 hash: 1942842ebf721b84d83342075e4463ce
humanhash: bluebird-equal-lactose-harry
File name:m
Download: download sample
File size:554 bytes
First seen:2026-02-28 19:45:51 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:MquhRnFxvhshjg+U2SSS/SeNWXgnxo8YHj6X:MfnnDhkg+nvASxXiajD6X
TLSH T13EF0E19040A12DB02BFC5D6884555A5C90531761629B2F69A0F2C9F6CF670447709B90
Magika shell
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://ext-checkdin.vercel.app/api/tokenln/an/an/a

Intelligence

File Origin
# of uploads :
1
# of downloads :
107
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
base64 bash lolbin obfuscated
Link:
https://www.filescan.io/uploads/69a3edd497feb4afd662472d/reports/0489d3da-0b51-4c50-b35d-848d41852e60/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/0c93de2d78b508b065fcb9dd0224b02b4b21c3db0ae905e0da2c42135edf314d
Verdict:
Unknown
File Type:
text
Link:
https://opentip.kaspersky.com/0c93de2d78b508b065fcb9dd0224b02b4b21c3db0ae905e0da2c42135edf314d/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/5d2f0c4f-73fa-4b9d-8cc5-9c53ded8f715
Behavior Graph:
Download SVG
%3 guuid=bd5dbbe7-1a00-0000-4e99-75bef6070000 pid=2038 /usr/bin/sudo guuid=00ce8fea-1a00-0000-4e99-75befc070000 pid=2044 /tmp/sample.bin guuid=bd5dbbe7-1a00-0000-4e99-75bef6070000 pid=2038->guuid=00ce8fea-1a00-0000-4e99-75befc070000 pid=2044 execve guuid=ed30eeea-1a00-0000-4e99-75befe070000 pid=2046 /usr/bin/mkdir guuid=00ce8fea-1a00-0000-4e99-75befc070000 pid=2044->guuid=ed30eeea-1a00-0000-4e99-75befe070000 pid=2046 execve guuid=cbd195eb-1a00-0000-4e99-75be00080000 pid=2048 /usr/bin/clear guuid=00ce8fea-1a00-0000-4e99-75befc070000 pid=2044->guuid=cbd195eb-1a00-0000-4e99-75be00080000 pid=2048 execve
Score:
47%
Verdict:
Susipicious
File Type:
SCRIPT
Link:
https://malprob.io/report/0c93de2d78b508b065fcb9dd0224b02b4b21c3db0ae905e0da2c42135edf314d
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/0c93de2d78b508b065fcb9dd0224b02b4b21c3db0ae905e0da2c42135edf314d/
Threat name:
Text.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2026-02-28 20:11:25 UTC
File Type:
Text (Shell)
AV detection:
3 of 24 (12.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=bsj54llywuelazp4xhoqejfqfnfsdq63bluqlyg2frbbgxw7gfgq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/0c93de2d78b508b065fcb9dd0224b02b4b21c3db0ae905e0da2c42135edf314d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 0c93de2d78b508b065fcb9dd0224b02b4b21c3db0ae905e0da2c42135edf314d

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3787692/
  
Delivery method
Distributed via web download

Comments