MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 902f4068daf140afbe2f6407eff7c5775fc0cb960c44119061a1f94181bf8ba9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 902f4068daf140afbe2f6407eff7c5775fc0cb960c44119061a1f94181bf8ba9
SHA3-384 hash: 7c9bd38b8dfe4af146e379975c9107468e0fb685617225e793908a7df27df39a5b49ac8ba0e6b03070602d5e51dea11e
SHA1 hash: 2f1d61032fd633e91868b63124159932c6b8ef9b
MD5 hash: a8cbd661bea2826b55278c29e50fd20f
humanhash: georgia-hamper-asparagus-indigo
File name:23.94.110.24_1780673626040952_vendor_phpunit_phpunit_src_Util_PHP_eval-stdin.php.bin
Download: download sample
File size:28'662 bytes
First seen:2026-06-05 15:34:17 UTC
Last seen:Never
File type:php php
MIME type:text/x-php
ssdeep 768:XumWOXcTmHBBGUUO5/sCY4kSwULlhgQXtIAUONhKk4E:Xu+ImH/GnO5/RY4kkLkONX
TLSH T1F0D2DF34C4D82FBDEE9A2A1C06FA6620D7D68B1E9494860637477D9B4F37D80442751E
Magika php
Reporter Blackdome

Intelligence

File Origin
# of uploads :
1
# of downloads :
47
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Score:
70.0%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6a22ec9457b7bf261d61397f
Tags:
infosteal
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/902f4068daf140afbe2f6407eff7c5775fc0cb960c44119061a1f94181bf8ba9
Verdict:
Malicious
File Type:
unix shell
First seen:
2026-06-05T14:21:00Z UTC
Last seen:
2026-06-05T14:40:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/902f4068daf140afbe2f6407eff7c5775fc0cb960c44119061a1f94181bf8ba9/results?tab=lookup
Score:
92%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/902f4068daf140afbe2f6407eff7c5775fc0cb960c44119061a1f94181bf8ba9
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/902f4068daf140afbe2f6407eff7c5775fc0cb960c44119061a1f94181bf8ba9/
Threat name:
Text.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2026-06-05 15:35:40 UTC
File Type:
Text (PHP)
AV detection:
3 of 23 (13.04%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=saxua2g26fak7prpmqd6756fo5p4bs4wbrcbdedbuh4udan7rouq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/902f4068daf140afbe2f6407eff7c5775fc0cb960c44119061a1f94181bf8ba9

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments