MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1ef3f07316a9d6e1a0eb3e800cf700221dd2eb9e052ae7279e379babeb7c3669. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 1ef3f07316a9d6e1a0eb3e800cf700221dd2eb9e052ae7279e379babeb7c3669
SHA3-384 hash: 96c6bcc3b81bf08b2d62b3b3bab475217d2c5fb6018baab076ea55ddf5dea3e54190470194e01956b6e7ed9e0765a8e0
SHA1 hash: 51471eea12e701e01b518c85350a3002632bb2c4
MD5 hash: f9355e0ca1fcc3e305e6d53388b4ab66
humanhash: undress-connecticut-golf-fruit
File name:1ef3f07316a9d6e1a0eb3e800cf700221dd2eb9e052ae7279e379babeb7c3669.sh
Download: download sample
File size:1'972 bytes
First seen:2026-02-22 13:21:23 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 48:chRu9Rp9nB6g+JIrlrm9JIrlr8qGlrAvn8:cLu7B6pIBmIBUe8
TLSH T1A2411B7011F18D332A21A680B3772B55AFB2ED4349A7618C35DE1D266F92B12A1EF011
Magika xml
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://38.6.178.140/easy_cloud.shn/an/an/a
http://154.9.30.146/srb.shn/an/aelf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
43
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/699b033f10e80629d4ed2fc0/reports/669c68ea-9117-46d0-8f22-0f63c19d72fc/overview
Result
Gathering data
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/7fd8017a-254d-4e4f-a2a9-0475dfe51c21
Behavior Graph:
Download SVG
%3 guuid=71ec3517-1900-0000-31dd-0115bf070000 pid=1983 /usr/bin/sudo guuid=f3fe6719-1900-0000-31dd-0115c1070000 pid=1985 /tmp/sample.bin guuid=71ec3517-1900-0000-31dd-0115bf070000 pid=1983->guuid=f3fe6719-1900-0000-31dd-0115c1070000 pid=1985 execve
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/1ef3f07316a9d6e1a0eb3e800cf700221dd2eb9e052ae7279e379babeb7c3669
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/1ef3f07316a9d6e1a0eb3e800cf700221dd2eb9e052ae7279e379babeb7c3669/
Verdict:
Clean
Link:
https://tip.neiki.dev/file/1ef3f07316a9d6e1a0eb3e800cf700221dd2eb9e052ae7279e379babeb7c3669
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=d3z7a4ywvhlodihlh2aaz5yaeio5f246auvooj46g6n2x234gzuq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260222-qnth3sdx3g/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/1ef3f07316a9d6e1a0eb3e800cf700221dd2eb9e052ae7279e379babeb7c3669

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 1ef3f07316a9d6e1a0eb3e800cf700221dd2eb9e052ae7279e379babeb7c3669

(this sample)

007f065e58d07a799a21a2849a3907334abca1a31392e638d9343126079ca9b5

  
URLhaus
https://urlhaus.abuse.ch/url/3783414/
  
Delivery method
Distributed via web download
  
Dropping
MD5 c488c5f8367ad4612d371973e8aed705
  
Dropping
SHA256 007f065e58d07a799a21a2849a3907334abca1a31392e638d9343126079ca9b5

Comments