MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6eab2575070ca7ccfe4d3a410889bda3921ef15bc9e7285c0817877e8e6f3d43. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 7



SHA256 hash: 6eab2575070ca7ccfe4d3a410889bda3921ef15bc9e7285c0817877e8e6f3d43
SHA3-384 hash: 03509fc0a00f313b6800bba54570cce7f44624b686bada920609f24b828af7752d867c2f85aabf696dbc92a162fe7fa1
SHA1 hash: 78a7a7ae71bcc458d0f00073442ffdb2a497e134
MD5 hash: 1c3aa269cab086a1b0b9ce7437171af9
humanhash: william-grey-london-lima
File name: .shell
File size: 211 bytes
First seen: 2024-11-03 13:31:29 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 3:QnQzanFCKl2X4HMiPaXWgXWaXWgvqRDaXWgMSLM9Kd:lOnFflHM6gXEg0gXM9Kd
TLSH: T10BD0C9CDB05124B2DAC0CFB935E1F800729465E59CC14B346888F8E082B9E8C3D48EB1
Magika: shell
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 70
Origin country: DE
Vendor Threat Intelligence
Verdict: Malicious
Score: 93.3%
Tags: gafgyt hajime mirai
Result
Verdict: UNKNOWN
Threat name: Script.Browser.Heuristic
Status: Malicious
First seen: 2024-11-03 14:03:23 UTC
File Type: Text (Shell)
AV detection: 2 of 38 (5.26%)
Threat level: 2/5
Result
Malware family: n/a
Score: 3/10
Tags: discovery
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 6eab2575070ca7ccfe4d3a410889bda3921ef15bc9e7285c0817877e8e6f3d43

(this sample)

  
Delivery method: Distributed via web download
