MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6a6554bb507e5cd0deff2899776a3848d202611d9bcd2d01f0430c8b96555df8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: 6a6554bb507e5cd0deff2899776a3848d202611d9bcd2d01f0430c8b96555df8
SHA3-384 hash: bd014ff8660d45e390969bb631051cc9deafb8d02aacdd7ba3a681e13b95cdec44e1eb1b5665c8c932d4c63d42bc3526
SHA1 hash: 02857724b65fe7eae6b7318bc4b8d5c11c17a033
MD5 hash: 6ee685feb8fbebf926e0fe0acc274fca
humanhash: fanta-yellow-summer-gee
File name: 6a6554bb507e5cd0deff2899776a3848d202611d9bcd2d01f0430c8b96555df8.sh
File size: 10'596 bytes
First seen: 2026-02-22 13:20:49 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 192:cCu7e1OJi1OyPsN8GsNDM6p4hvZ5m5FoKNpivW:ye1OJi1OyPsN8GsND3p4hvZ5m5FoKNpV
TLSH: T19B22587B21F08732D3D450C953A60E614E72AB4B996618B5F4BE9336AF2C90331D7F61
Magika: xml
Reporter: abuse_ch
Tags: sh
URL | Malware sample (SHA256 hash) | Signature | Tags
http://45.63.77.220/linux-mips | n/a | n/a | n/a
http://181.197.159.183:8888/i | n/a | n/a | n/a

Intelligence


File Origin
# of uploads: 1
# of downloads: 34
Origin country: DE
Vendor Threat Intelligence
No detections
Verdict: Suspicious
Threat level: 5/10
Confidence: 100%
Tags: busybox evasive
Result
Gathering data
Status: terminated
Behavior Graph:
/usr/bin/sudo (pid 2794) -> execve -> /tmp/sample.bin (pid 2796)
Gathering data
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 6a6554bb507e5cd0deff2899776a3848d202611d9bcd2d01f0430c8b96555df8

(this sample)

  
Delivery method
Distributed via web download

Comments