MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2b7bdc9330abd289bf3e39124f4c699781c035a3ec98b0d5b5cbf99578b817e4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Gafgyt


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 2b7bdc9330abd289bf3e39124f4c699781c035a3ec98b0d5b5cbf99578b817e4
SHA3-384 hash: 75cbdd6fd1b8cf18f0ccd63c17a7bbd7ed1365b937a9c57d3b253d71a69777ecd9152d105e83a0ddb4724720ba1ac703
SHA1 hash: c27cdef65f880eb2e233cde589eedb4b7c4eb1c2
MD5 hash: 5ca49a672deffdb0112d4498aa40fd0f
humanhash: three-grey-single-carolina
File name:b
Download: download sample
Signature Gafgyt
Create hunting rule
File size:277 bytes
First seen:2025-01-14 15:26:32 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 6:LrJw3NQBNIQIVXNQB8oLNRFFJkqQNRFFJpTJG:3JCaeJ9G8oLNr7srpTJG
TLSH T1EDD012ED38AA27648D897CCC65578F2E2CCA4FE017604F7CAE981722C95D855FC38586
Magika shell
Reporter abuse_ch
Tags:gafgyt sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
88
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
89.1%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6787f0254487910100df5d9dlinux22vpnfull_triage
Tags:
n/a
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
anti-debug lolbin remote
Link:
https://www.filescan.io/uploads/6786825200fbe0ad29ea9c54/reports/e242c820-47b1-4dc4-b7bb-a25b23fba9f3/overview
Verdict:
Suspicious
Labled as:
Trojan.Script.Downloader
Link:
https://www.hybrid-analysis.com/sample/2b7bdc9330abd289bf3e39124f4c699781c035a3ec98b0d5b5cbf99578b817e4
Result
Verdict:
UNKNOWN
Score:
1%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/2b7bdc9330abd289bf3e39124f4c699781c035a3ec98b0d5b5cbf99578b817e4
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/2b7bdc9330abd289bf3e39124f4c699781c035a3ec98b0d5b5cbf99578b817e4/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=fn55zezqvpjitpz6heje6tdjs6a4annd5smlbvnvzp4zk6fyc7sa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/2b7bdc9330abd289bf3e39124f4c699781c035a3ec98b0d5b5cbf99578b817e4

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Gafgyt

sh 2b7bdc9330abd289bf3e39124f4c699781c035a3ec98b0d5b5cbf99578b817e4

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3398268/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3400780/

Comments