MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5dd1dc975089d0714f6f93b193bf9e9138b7aa272e9e5f21763028f616a9318e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 5dd1dc975089d0714f6f93b193bf9e9138b7aa272e9e5f21763028f616a9318e
SHA3-384 hash: a83f84b015397220be4f6b2f380f726536b877e3e9f0bcd5aa71929a88329d3d314058d16ecf718fcc1dddd983f59c78
SHA1 hash: 306c56f14bd5536aeb387b8868b2977a75abe47c
MD5 hash: 503172a590f9da016e612adcab5add6d
humanhash: salami-carolina-social-neptune
File name:buf
Download: download sample
File size:700 bytes
First seen:2025-03-26 23:37:57 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:wxgk3Tdkserko/k3rckZOSxskBn/kvkZNIh5eknDskCKLK7L:wxgk3Tdkskko/k3rckQPkh/kvkZNIfel
TLSH T14F01DECD1EE443DF46098AE87450CD49908DA5C7B1748B2CF6711DDA0CD5B12780CA67
Magika txt
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
74
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Score:
96.5%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67e6aa15855e5ec524094909linux22vpnfull_triage
Tags:
backdoor mirai agent virus
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
packed
Link:
https://www.filescan.io/uploads/67e48fe8631830704a887713/reports/50926594-df5b-4b44-a0d9-f1a7c797ce11/overview
Verdict:
Malicious
Labled as:
Trojan.Script.Downloader
Link:
https://www.hybrid-analysis.com/sample/5dd1dc975089d0714f6f93b193bf9e9138b7aa272e9e5f21763028f616a9318e
Result
Verdict:
MALICIOUS
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/5dd1dc975089d0714f6f93b193bf9e9138b7aa272e9e5f21763028f616a9318e
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/5dd1dc975089d0714f6f93b193bf9e9138b7aa272e9e5f21763028f616a9318e/
Gathering data
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=lxi5zf2qrhihct3psoyzhp46se4lpkrhf2pf6ilwgaupmfvjggha._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/5dd1dc975089d0714f6f93b193bf9e9138b7aa272e9e5f21763028f616a9318e

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 5dd1dc975089d0714f6f93b193bf9e9138b7aa272e9e5f21763028f616a9318e

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3491722/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3491725/
  
URLhaus
https://urlhaus.abuse.ch/url/3491748/

Comments