MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8ecb61d52866802534aba193faf346a945927838f9fdc682c72b47452e8077f5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8ecb61d52866802534aba193faf346a945927838f9fdc682c72b47452e8077f5
SHA3-384 hash: 6d721400f1ba406ebbff408618bca16ea05e0c6fd27e847f00a3ae30415c25f0e9099ff2ee76b165676225a5b7903805
SHA1 hash: 5dc688d6e9b2bb3a528331ae906877fd4a20512d
MD5 hash: e9287dbeff880a4c9c476e0a4c141cfe
humanhash: bravo-football-sweet-seven
File name:76d32be0.sh
Download: download sample
File size:141 bytes
First seen:2024-11-24 06:41:19 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 3:QUFHnMUXw8bAQ0tVlDEH7MUXw8bAQ0tV+FaDOduKNV+FnV9MNAtVPn:5FHnpXnAQdH7pXnAQlFmKeFnkSP
TLSH T1B4C092CA81B4607353815EC5BA6303C0E02822C8AFCCDDA8C0B0CE3A8014ABCF4F1FA1
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
78
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6742cabbd0583382434ac67alinux22vpnfull_triage
Tags:
malware
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6742caba97ce90b131447bdc/reports/34cf5d36-bf2b-4def-bd94-f476acdb820a/overview
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8ecb61d52866802534aba193faf346a945927838f9fdc682c72b47452e8077f5/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=r3fwdvjim2acknflugj7v42gvfcze6by7h64nawhfndukluao72q._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
discovery
Link:
https://tria.ge/reports/241124-hgb2fsvkbm/
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/8ecb61d52866802534aba193faf346a945927838f9fdc682c72b47452e8077f5

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 8ecb61d52866802534aba193faf346a945927838f9fdc682c72b47452e8077f5

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3300823/
  
Delivery method
Distributed via web download

Comments