MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 20ecb8592232f53d4cda447add49f0d8cbbf3e8f8cbef8c429d8034917d0a3e9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 20ecb8592232f53d4cda447add49f0d8cbbf3e8f8cbef8c429d8034917d0a3e9
SHA3-384 hash: b87b4a5de8d05727c516716dcc8f139288aaeda288605a719ed94c1d75c36529f2fac1b6a8e46b234bec92d9bfe779b6
SHA1 hash: c255567c4cda1ba1cd2a5b416cc7fb02f897e946
MD5 hash: 2b47d98acec0f73591996f590ad2654b
humanhash: william-berlin-snake-early
File name:w
Download: download sample
File size:222 bytes
First seen:2025-04-28 19:37:37 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 3:TKWRt9jvUHxDNqUb6YSTMFsMLONFGTDNcuWI+5KJarOSKWJadSfoTMeVIFeNWNyu:BRz2xhb6YeM6NX6Z+UOlUFVJNGyvIMgn
TLSH T12AD023955CE5047F59992C1C64F35820F370AC235C50B715365F513BCBE510C70E28C1
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
62
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.BV.Downloader-AST.7531.19876.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
90.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6810664dcc5fb3600cc44513linux22vpnfull_triage
Tags:
malware
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/680fd935218c4a98ade5e797/reports/e86e3b09-1a18-4630-b0ce-e03661bd30f5/overview
Verdict:
Malicious
Labled as:
Trojan[Downloader]/Shell.Agent
Link:
https://www.hybrid-analysis.com/sample/20ecb8592232f53d4cda447add49f0d8cbbf3e8f8cbef8c429d8034917d0a3e9
Score:
82%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/20ecb8592232f53d4cda447add49f0d8cbbf3e8f8cbef8c429d8034917d0a3e9
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/20ecb8592232f53d4cda447add49f0d8cbbf3e8f8cbef8c429d8034917d0a3e9/
Threat name:
Linux.Downloader.SAgnt
Create hunting rule
Status:
Malicious
First seen:
2025-04-28 21:11:15 UTC
File Type:
Text (Shell)
AV detection:
7 of 24 (29.17%)
Threat level:
  3/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=edwlqwjcgl2t2tg2ir5n2spq3df36puprs7prrbj3abusf6qupuq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/20ecb8592232f53d4cda447add49f0d8cbbf3e8f8cbef8c429d8034917d0a3e9

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 20ecb8592232f53d4cda447add49f0d8cbbf3e8f8cbef8c429d8034917d0a3e9

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3529207/
  
Delivery method
Distributed via web download

Comments