MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8da8df5b8f1659cd3d371d6c9784bf3ec9d5edf40c1ed0f3a9a5af0f40de33fe. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6



SHA256 hash: 8da8df5b8f1659cd3d371d6c9784bf3ec9d5edf40c1ed0f3a9a5af0f40de33fe
SHA3-384 hash: 7302b6a0c190b531750384aeaa021e5a61159e5e34889e7c4a74d95a4f2244d498c00f85e8740e343d7ed9542bb77702
SHA1 hash: 841e976d625b208349b6fb6ceedc41dccd027efc
MD5 hash: ad566b465a5136a561813aa37edebc55
humanhash: paris-utah-don-zulu
File name: c.sh
File size: 1'278 bytes
First seen: 2024-11-04 21:21:07 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep 24:3J3D06Xi0/oN0O8NIxe4J0xfKLx0Q5sF0xWIF07kp210lqe0Jue0gJS0+b8F0PYS:lNSi+rVQfGJaFYf2kceNK5P8V4F6F
TLSH T1802130DD15503F72D6744F5DB294D0B495A680F2E1BB46C0A39EC62EC4A6E017807BB7
Magika: txt
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 82
Origin country: DE
Vendor Threat Intelligence
Verdict: Malicious
Score: 94.9%
Tags: downloader exploit agent
Threat name: Linux.Downloader.Generic
Status: Suspicious
First seen: 2024-11-04 21:22:11 UTC
File Type: Text
AV detection: 10 of 38 (26.32%)
Threat level: 3/5
Result
Malware family: n/a
Score: 3/10
Tags: discovery
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 8da8df5b8f1659cd3d371d6c9784bf3ec9d5edf40c1ed0f3a9a5af0f40de33fe

(this sample)

  
Delivery method: Distributed via web download

Comments