MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 77abda4a41536e034b04b12522e3ec1dfe6810000337677caa4e81838b17fdbb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 77abda4a41536e034b04b12522e3ec1dfe6810000337677caa4e81838b17fdbb
SHA3-384 hash: 70ea210545cc15e16e4b5cd858b7e34e7ad8abb3f9678f4bb8317aab0bdd8f60b42b649dc0b21e33f59e69cf96632eac
SHA1 hash: 7db55163a380faea920744e855f5bd352b0b2a87
MD5 hash: fb6a0fd1c49ce02baa1dfa5410e9d9cc
humanhash: diet-venus-oven-eighteen
File name: wget.sh
File size: 510 bytes
First seen: 2025-02-22 16:21:22 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 12:kq0JXMXgokF9XXnPkQ50wXp2TC/X9vQkD2X8:kq05MXgokLXXnPkQTXsTC/Xi02X8
TLSH: T179F0F0CEB6503A7344F8EE89B9B38BF90044428C282D07AC7C6E823494A0AA0B040E89
Magika: shell
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 10
Origin country: US
Vendor Threat Intelligence
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: busybox evasive
Result
Verdict: UNKNOWN
Threat name: Document-HTML.Hacktool.Heuristic
Status: Malicious
First seen: 2025-02-22 16:22:24 UTC
File Type: Text (Shell)
AV detection: 7 of 38 (18.42%)
Threat level: 1/5
Result
Malware family: n/a
Score: 3/10
Tags: discovery
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 77abda4a41536e034b04b12522e3ec1dfe6810000337677caa4e81838b17fdbb (this sample)

Delivery method: Distributed via web download

Comments