MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a12b90d200741ceb4971909014bcdbd3374df504515a55519963092f4b947b9f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: a12b90d200741ceb4971909014bcdbd3374df504515a55519963092f4b947b9f
SHA3-384 hash: 3f9683a51eb8fd52a334a79169d994764d4e79af07a4ae0dec0df7843984e7142da268476da5eb5e031d51c92ef1be07
SHA1 hash: 9f310ca929aa77deb251f5e8cf591a252db2ae9f
MD5 hash: 7ec92f8596c70e9ccaefe77e5f011538
humanhash: football-neptune-mars-uniform
File name: a12b90d200741ceb4971909014bcdbd3374df504515a55519963092f4b947b9f.sh
File size: 4'208 bytes
First seen: 2026-02-22 13:20:17 UTC
Last seen: 2026-02-22 23:16:37 UTC
File type: sh
MIME type: text/plain
ssdeep: 48:cnRu9RDdvnSfranB6qcRAb0lrl5R4lrkKRUGlrEHR1Blr+6RBs0vlr3v5JIrlroI:cRu3k0B6MqUbo2kf7IBiIBFIW
TLSH: T1CD914D7025F14D332E10AA40B3772BA27BB2D85349A3658C35DE1D35AFC6B52B5BE015
Magika: xml
Reporter: abuse_ch
Tags: sh
URL | Malware sample (SHA256 hash) | Signature | Tags
http://38.6.178.140/easy_pass.sh | n/a | n/a | n/a
http://38.6.178.140/easy_cloud.sh | n/a | n/a | n/a

Intelligence


File Origin
# of uploads: 2
# of downloads: 41
Origin country: DE
Vendor Threat Intelligence
No detections
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: busybox evasive
Status: terminated
Behavior Graph: /usr/bin/sudo (pid=2530) -> /tmp/sample.bin (pid=2535) [execve]
Threat name: Linux.Trojan.Generic
Status: Suspicious
First seen: 2026-02-22 13:26:33 UTC
File Type: Text (Shell)
AV detection: 4 of 24 (16.67%)
Threat level: 5/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour:
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download: sh a12b90d200741ceb4971909014bcdbd3374df504515a55519963092f4b947b9f (this sample)

Delivery method: Distributed via web download
