MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 11bb239ab4d50239fc2d3411be65bb04412b8ec45fb08a6c89854e5231092c3e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments

SHA256 hash: 11bb239ab4d50239fc2d3411be65bb04412b8ec45fb08a6c89854e5231092c3e
SHA3-384 hash: fc43316df9672a9055600ac7a5f76ab75da7652353f7b8daa9cad6bd1eb6fbaa1552f344ea1c2ece0d2fae6c928d982a
SHA1 hash: 4550d80a5da914c1ed1cf44dfd44eacd1129d13d
MD5 hash: a99e56a80cfab200393bc55013b1e778
humanhash: floor-mockingbird-cold-edward
File name:11bb239ab4d50239fc2d3411be65bb04412b8ec45fb08a6c89854e5231092c3e
Download: download sample
File size:3'736 bytes
First seen:2026-07-02 10:53:12 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 96:HsKBiqTamLrDCkxwqyWuIRJxQdGiGJKuedMDHW92c1XEqX:HsOwRaoMDHc2OEe
TLSH T1F871BBBA2421D3317D8BCA7C7B50BD8CCC47A0E36A95AC91B18D2D04FF69E907A78704
TrID 70.0% (.SH) Linux/UNIX shell script (7000/1)
30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika shell
Reporter JAMESWT_WT
Tags:igmc-duckdns-org sh

Intelligence


File Origin
# of uploads :
1
# of downloads :
55
Origin country :
IT IT
Vendor Threat Intelligence
No detections
Verdict:
Malicious
File Type:
unix shell
First seen:
2026-04-11T15:04:00Z UTC
Last seen:
2026-07-03T19:49:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan-Downloader.Shell.Agent.bc
Verdict:
Malicious
Threat:
Trojan-Downloader.Shell.Agent
Threat name:
Script-BAT.Downloader.Heuristic
Status:
Malicious
First seen:
2026-04-11 20:02:25 UTC
File Type:
Text (Shell)
AV detection:
7 of 36 (19.44%)
Threat level:
  2/5
Result
Malware family:
n/a
Score:
  4/10
Tags:
antivm discovery linux
Behaviour
Reads runtime system information
Writes file to tmp directory
Checks CPU configuration
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments