MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4ae22223f16cd866f135a1f26001ccf1248ddcc56f0eed2fc787229f27d927dd. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6



SHA256 hash: 4ae22223f16cd866f135a1f26001ccf1248ddcc56f0eed2fc787229f27d927dd
SHA3-384 hash: 8b9a297befcc60439c3a0ecb01a6b233c831e8f9e1e15aa5cea03ecb216d543861ec10213b554004ce746d5c1c7e0779
SHA1 hash: c7029a3f37deb820a71ea4ba09f904d1d97d3b4c
MD5 hash: ac0e554925f8007df03c07ca729b00b8
humanhash: mike-snake-beer-wolfram
File name: w.sh
File size: 1'269 bytes
First seen: 2024-12-02 12:06:33 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep 24:FSD3S73S73SU3SYNI33S4Ke3S2G3t3S+3Sug3S63SHW3Sh3SFA:YDi7i7iUi5i4Ni2G3ti+iugi6i2ihiu
TLSH T1B02156C943D9D403C6FECB80325658A8B560C9D2E86DCA1CD48FCDB67694B14F17DE0A
Magika txt
Reporter abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 76
Origin country: DE
Vendor Threat Intelligence
Verdict: Malicious
Score: 97.4%
Tags: ransomware shellcode mirai overt

Threat name: Linux.Downloader.Generic
Status: Suspicious
First seen: 2024-12-02 12:07:04 UTC
File Type: Text (Shell)
AV detection: 13 of 24 (54.17%)
Threat level: 3/5

Result
Malware family: n/a
Score: 3/10
Tags: discovery
Behaviour:
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 4ae22223f16cd866f135a1f26001ccf1248ddcc56f0eed2fc787229f27d927dd (this sample)

Delivery method: Distributed via web download
