MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9d6d9ee96034ec7ebe1b191dae0ae84916e9cf783bb21a026a9b9ba859d8f76b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 9d6d9ee96034ec7ebe1b191dae0ae84916e9cf783bb21a026a9b9ba859d8f76b
SHA3-384 hash: 3a76aae79f79192dc3c5542e1e2ceb7211c9b109ea00ec291f1f5283515268fc61931aaef12b3b67f5f094c827159b0a
SHA1 hash: 391ec399f3ef5d9124e9f7f6dd48dda2d11b72d9
MD5 hash: 0b49f539b834dd3bc6b612b710aab722
humanhash: failed-one-tango-three
File name:9d6d9ee96034ec7ebe1b191dae0ae84916e9cf783bb21a026a9b9ba859d8f76b.sh
Download: download sample
File size:12'355 bytes
First seen:2026-02-27 13:44:43 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 96:cCu3k0B6n7sht+O+v1fsn+h4+tIicqbA/GsGCuKNppjrwaaIBRIB0IBT7IBbJYJN:cCu0g6nC4hvZ5mzjqKNp02LG7hxm+T
TLSH T1DB42357721F08B3297C055C8A2771B614F72970B456714B8F4BE5B2A9F2DA0370EBB61
Magika xml
Reporter abuse_ch
Tags:sh
URLMalware sample (SHA256 hash)SignatureTags
http://38.6.178.140/easy_pass.shn/an/an/a
http://38.6.178.140/easy_cloud.shn/an/an/a
http://38.6.178.140/easy_lan.shn/an/an/a
http://109.205.213.2/download.shn/an/an/a
http://194.156.102.210/bins/bins.shn/an/an/a
http://116.129.7.63:81/hiddenbin/dvr1.shn/an/an/a

Intelligence

File Origin
# of uploads :
1
# of downloads :
66
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
evasive
Link:
https://www.filescan.io/uploads/69a19ff797feb4afd65f5c6f/reports/831da403-29ca-4129-bb4a-6102ebf107a5/overview
Result
Gathering data
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/9d6d9ee96034ec7ebe1b191dae0ae84916e9cf783bb21a026a9b9ba859d8f76b
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/9d6d9ee96034ec7ebe1b191dae0ae84916e9cf783bb21a026a9b9ba859d8f76b/
Verdict:
Clean
Link:
https://tip.neiki.dev/file/9d6d9ee96034ec7ebe1b191dae0ae84916e9cf783bb21a026a9b9ba859d8f76b
Threat name:
Script-Shell.Trojan.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2026-02-27 13:45:50 UTC
File Type:
Text (HTML)
AV detection:
3 of 36 (8.33%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=tvwz52lagtwh5pq3deo24cxijelott3yhozbuatkton2qwoy65vq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260227-q2mbxsax5d/
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 9d6d9ee96034ec7ebe1b191dae0ae84916e9cf783bb21a026a9b9ba859d8f76b

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3783298/
  
Delivery method
Distributed via web download

Comments