MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 330019f4fe20d5ee2798473a5e1274502267d5a04773356c592eecdd6c6277a9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 330019f4fe20d5ee2798473a5e1274502267d5a04773356c592eecdd6c6277a9
SHA3-384 hash: b2ff6989cb47971c87b216f36213f0e9016294bd2e0d7ac0385246cc8d27308238ea83afa32ec22a0a1fd8f125197bdb
SHA1 hash: eb67951e0e07497905003b2dea330b3ff78ed6c1
MD5 hash: 14108d1a975a6aa4be43f3b41024fd40
humanhash: eight-oxygen-high-music
File name:lespim
Download: download sample
File size:19'847 bytes
First seen:2025-03-19 13:46:49 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 96:m6xZimizDY2UZxJT/Hiy4C0OJZ8RIPDzYBRMTiDGTEUpQafOEqD1QGfREHoyvBGF:vW51y1M7rarqxSukd4nhL7ReE5eWj
TLSH T14C92ED6DA7705EB7FC4ACE3715980502158C425942EE2FAFBAE5C424E38B91F48F3C98
Magika elf
Reporter abuse_ch
Tags:elf

Intelligence

File Origin
# of uploads :
1
# of downloads :
102
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67dad3d4115e7b48b48eb241linux22vpnfull_triage
Tags:
n/a
Result
Verdict:
Clean
Maliciousness:
Verdict:
Unknown
Threat level:
  0/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/67dacadeb93e688233ee8a0f/reports/f05c16f0-4f47-4c17-b33e-d1cc65be382e/overview
Verdict:
Malicious
Uses P2P?:
false
Uses anti-vm?:
false
Architecture:
mips
Packer:
not packed
Botnet:
unknown
Number of open files:
7
Number of processes launched:
1
Processes remaning?
false
Remote TCP ports scanned:
not identified
Full report:
https://elfdigest.com/brief/330019f4fe20d5ee2798473a5e1274502267d5a04773356c592eecdd6c6277a9
Behaviour
no suspicious findings
Botnet C2s
TCP botnet C2(s):
not identified
UDP botnet C2(s):
not identified
Result
Verdict:
UNKNOWN
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/3e7537a0-1df0-4f84-8147-f5a04c46837d
Result
Threat name:
n/a
Detection:
clean
Classification:
n/a
Score:
1 / 100
Link:
https://www.joesandbox.com/analysis/1643117
Behaviour
Behavior Graph:
n/a
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/330019f4fe20d5ee2798473a5e1274502267d5a04773356c592eecdd6c6277a9
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/330019f4fe20d5ee2798473a5e1274502267d5a04773356c592eecdd6c6277a9/
Threat name:
Linux.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-03-19 13:47:08 UTC
File Type:
ELF32 Little (Exe)
AV detection:
4 of 24 (16.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=gmabt5h6edk64j4yi45f4etukargpvnai5ztk3czf3wn23dco6uq._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/250319-q3kvgsxsg1/
Verdict:
Informative
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/de96ae7d-ed0f-4312-940e-e884a3f575a6
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/330019f4fe20d5ee2798473a5e1274502267d5a04773356c592eecdd6c6277a9

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

elf 330019f4fe20d5ee2798473a5e1274502267d5a04773356c592eecdd6c6277a9

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3479684/
  
Delivery method
Distributed via web download

BLint

The following table provides more information about this file using BLint. BLint is a Binary Linter to check the security properties, and capabilities in executables.

Findings
IDTitleSeverity
CHECK_NXMissing Non-Executable Memory Protectioncritical
CHECK_PIEMissing Position-Independent Executable (PIE) Protectionhigh

Comments