MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 45f7b4585a6bddd0d20db23cd6baabf1076bfe664fb1e6696dd7e16722c10149. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: 45f7b4585a6bddd0d20db23cd6baabf1076bfe664fb1e6696dd7e16722c10149
SHA3-384 hash: 20b4c14ae7ebbcdae4af0ceb90f07006053a85948c068b9d38c33a19ebf6fd02bd2035900d48f72be52b42881afd0a39
SHA1 hash: 18554fe129813511b869beb830bf1fa855bcfb51
MD5 hash: e0429722acd5862217b2f8c2bb176193
humanhash: illinois-island-maryland-nebraska
File name: 45f7b4585a6bddd0d20db23cd6baabf1076bfe664fb1e6696dd7e16722c10149
File size: 12'477 bytes
First seen: 2026-02-03 09:08:33 UTC
Last seen: Never
File type: sh
MIME type: text/x-shellscript
ssdeep: 192:Sn99BpAzWPiuRYEVL2hdN5ns549ocOK1Y7IgGXz:hAVLNN+z
TLSH: T109423C713664B331329DC8ACA076E8162F45359FBA704810F2EEB5C86FED620F1A95F4
TrID: 70.0% (.SH) Linux/UNIX shell script (7000/1)
      30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika: shell
Reporter: Anonymous
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 62
Origin country: US
Vendor Threat Intelligence
No detections
Status: terminated
Behavior Graph:
/usr/bin/sudo (pid 2706) -> /tmp/sample.bin (pid 2716) [execve]
/tmp/sample.bin (pid 2716) -> /usr/bin/dirname (pid 2718) [execve]
/tmp/sample.bin (pid 2716) -> /usr/bin/clear (pid 2720) [execve]
/tmp/sample.bin (pid 2716) -> /usr/bin/bash (pid 2723) [clone]
/tmp/sample.bin (pid 2716) -> /usr/bin/uname (pid 2727) [execve]
/tmp/sample.bin (pid 2716) -> /usr/bin/uname (pid 2729) [execve]
/usr/bin/bash (pid 2723) -> /usr/bin/cat (pid 2725) [execve]
Result
Malware family: n/a
Score: 3/10
Tags: discovery linux
Behaviour
Reads runtime system information
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments