MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8f492296456c0f28341431bc48d294607ab2cecdecb74ae69d79fc11c242edfb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



CoinMiner


Vendor detections: 5



SHA256 hash: 8f492296456c0f28341431bc48d294607ab2cecdecb74ae69d79fc11c242edfb
SHA3-384 hash: 81c9ed31df007299087c113de1883f254084548d88c5f39eebd3b1d6a0b396a178b870747158b33857f4dc84a515b4df
SHA1 hash: 2361ae7b1d637d0a4259f67cc36c2af142541262
MD5 hash: 9206fb1df325876fc6297e75be2a7d5a
humanhash: london-seventeen-eighteen-november
File name: wget.sh
Signature: CoinMiner
File size: 244 bytes
First seen: 2024-10-23 10:55:52 UTC
Last seen: 2024-10-31 11:33:31 UTC
File type: sh
MIME type: text/x-shellscript
ssdeep: 6:uD/eKvLeeMe05bSLe8KvGBBiyGW4ySgKvrjkKFD:u9vYEweB2gKjjlFD
TLSH: T129D05EEB053E175124C09D0B35E98A44B425DAE2796ECA49F6C9D862D1C0E027817F4B
Magika: shell
Reporter: abuse_ch
Tags: CoinMiner sh

Intelligence


File Origin
# of uploads: 3
# of downloads: 101
Origin country: DE

Vendor Threat Intelligence

Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: anti-debug lolbin remote

Result
Verdict: UNKNOWN

Result
Malware family:
Score: 10/10
Tags: family:xmrig antivm defense_evasion discovery linux miner
Behaviour
Enumerates kernel/hardware configuration
Reads runtime system information
Writes file to tmp directory
Checks CPU configuration
Reads CPU attributes
Checks hardware identifiers (DMI)
Enumerates running processes
Reads hardware information
File and Directory Permissions Modification
Executes dropped EXE
XMRig Miner payload
xmrig

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

CoinMiner sh 8f492296456c0f28341431bc48d294607ab2cecdecb74ae69d79fc11c242edfb (this sample)

Delivery method: Distributed via web download
