MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8537f2fc8e4af0d1d9c1ee4773903b17f64fad801ce80b77aab109244d7b9597. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8537f2fc8e4af0d1d9c1ee4773903b17f64fad801ce80b77aab109244d7b9597
SHA3-384 hash: 39b5e82107724bb74f3fd27d10bfb1a5453864dcf29ba14aa2df804cc8067bd3797dc285cd246af7e8000f2ef4f7d9b4
SHA1 hash: 41f2a389ba70e65d05bebacc54bd960cfd370d5c
MD5 hash: 9a73cf2ca389c8649b8e0993c6556f20
humanhash: happy-low-burger-alanine
File name:8537f2fc8e4af0d1d9c1ee4773903b17f64fad801ce80b77aab109244d7b9597.sh
Download: download sample
File size:10'177 bytes
First seen:2026-02-27 13:34:42 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 96:cRmX9Eh9mLj+ksN8ZPa65UOsp8CfUwD14Ims2hZD0:cRmACU
TLSH T156224D7034F04C732E256580F37727A69BB7A85749A3318C35DE1E2A6F87B12A5BF412
Magika xml
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://116.129.7.63:81/hiddenbin/dvr1.shn/an/an/a
http://updater.zzux.com/mn/an/an/a

Intelligence

File Origin
# of uploads :
1
# of downloads :
68
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/69a19d9797feb4afd65f57f0/reports/7e281f70-a23e-4557-af68-6fd99192e6e5/overview
Verdict:
Clean
File Type:
text
Link:
https://opentip.kaspersky.com/8537f2fc8e4af0d1d9c1ee4773903b17f64fad801ce80b77aab109244d7b9597/results?tab=lookup
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/8537f2fc8e4af0d1d9c1ee4773903b17f64fad801ce80b77aab109244d7b9597
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8537f2fc8e4af0d1d9c1ee4773903b17f64fad801ce80b77aab109244d7b9597/
Verdict:
Clean
Link:
https://tip.neiki.dev/file/8537f2fc8e4af0d1d9c1ee4773903b17f64fad801ce80b77aab109244d7b9597
Threat name:
Script-Shell.Trojan.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2026-02-27 13:35:48 UTC
File Type:
Text (HTML)
AV detection:
6 of 24 (25.00%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=qu37f7eojlyndwob5zdxheb3c73e7lmadtuaw55kweesitl3swlq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260227-qvsv5aaw5e/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/8537f2fc8e4af0d1d9c1ee4773903b17f64fad801ce80b77aab109244d7b9597

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 8537f2fc8e4af0d1d9c1ee4773903b17f64fad801ce80b77aab109244d7b9597

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3783296/
  
Delivery method
Distributed via web download

Comments