MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1459e201b652f6c057e32b9e4f0589f666ffa0619aab2e223f7fb52dd682fc29. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: 1459e201b652f6c057e32b9e4f0589f666ffa0619aab2e223f7fb52dd682fc29
SHA3-384 hash: 711b3594ac42c661ff416386c1f872b8df04adfebd4b344c066af9013348cd5025971439804fb50fd133b3baaec7ce7a
SHA1 hash: b1ac1e72cdc93f788e92153edc19ac9541969ed9
MD5 hash: 1d8a495143372e26800c5d6d973225d8
humanhash: london-don-ink-happy
File name: 1459e201b652f6c057e32b9e4f0589f666ffa0619aab2e223f7fb52dd682fc29.sh
File size: 688 bytes
First seen: 2026-02-22 13:21:09 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep 12:cHsuFy8RfMR8VNxOvGHfQx5GOeXXrKKLE1OdTX9A6HFmjRMmjUMmjRprMEYZ+KeN:cnnRUR8fA+W5gXrKKLX9HHIuCzCRpYdK
TLSH T1F701A47401F515132214669461739F057B32EC87596206CD38EFAA696F96F476297042
Magika xml
Reporter abuse_ch
Tags: sh

URL | Malware sample (SHA256 hash) | Signature | Tags
http://185.132.125.229/av.sh | n/a | n/a | n/a

Intelligence


File Origin
# of uploads: 1
# of downloads: 35
Origin country: DE
Vendor Threat Intelligence
No detections
Verdict: Suspicious
Threat level: 5/10
Confidence: 100%
Tags: evasive
Result
Status: terminated
Behavior Graph: /usr/bin/sudo (pid=2614) -> execve -> /tmp/sample.bin (pid=2623)
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download: sh 1459e201b652f6c057e32b9e4f0589f666ffa0619aab2e223f7fb52dd682fc29 (this sample)
Delivery method: Distributed via web download
