MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9bc32c3d9f0108740ece3cf74b9e81eb0ec43c6740a50e50cc742b9f32345a37. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 9bc32c3d9f0108740ece3cf74b9e81eb0ec43c6740a50e50cc742b9f32345a37
SHA3-384 hash: 85b4bbfd02431be81bf774c1b350d3ae16e1c6d69763c2a8986ae909b90845b61c20a70f23515f7de038502c772a540a
SHA1 hash: 956d004da2f76de5be6bada8826a9909915dbb2d
MD5 hash: dbe8de91651bd6157035db0167e01c39
humanhash: papa-purple-colorado-island
File name: 9bc32c3d9f0108740ece3cf74b9e81eb0ec43c6740a50e50cc742b9f32345a37.sh
File size: 1'430 bytes
First seen: 2026-02-22 16:45:07 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 24:cnnRUR8fARVNvoslc9HHYbxtNuPl/Ha+VsUy/Yul/HVeN:cnRu9RVJoslwnYbxaPl/BWUQl/s
TLSH: T1B921997421F148731E545980F2372BAAAB73D85755D3624C38DE2F39AFA7B03A5BE012
Magika: xml
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 56
Origin country: DE
Vendor Threat Intelligence
No detections
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: evasive mirai
Result
Gathering data
Status: terminated
Behavior Graph: /usr/bin/sudo (pid=2782) -> execve -> /tmp/sample.bin (pid=2789)
Verdict: Malicious
Threat: Trojan-Downloader.Shell.Agent
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 9bc32c3d9f0108740ece3cf74b9e81eb0ec43c6740a50e50cc742b9f32345a37

(this sample)

  
Delivery method
Distributed via web download
