MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a5ab20f9ff2b3eb9833d18c2d551a0737f2212bc837ed6d0e8d7311b17874211. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a5ab20f9ff2b3eb9833d18c2d551a0737f2212bc837ed6d0e8d7311b17874211
SHA3-384 hash: c6e0f8d6ffb2e84cb58a7261827361742f22e060674cd324d16a3ba85477954acaca0c71ba834b0f909c9963eb132ddc
SHA1 hash: 005df5e4bfb7c3ee71815b0f37692c034eac240f
MD5 hash: 7e335ac159c96e92c3f80821d597b3db
humanhash: mars-diet-arizona-summer
File name:r.sh
Download: download sample
File size:690 bytes
First seen:2024-12-13 03:51:00 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 12:le5Sc18H1aKLKf0NIh5igXLW1RBFv7EuF8bAoG:le5cK8NIfXX4nwz3G
TLSH T1CE0167D1B6622A3749CDAC8F676AAD5D1AB524854D034BDD2CF8B11E91BCC50F101005
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
83
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.BV.Downloader-BDK.17433.13796.UNOFFICIAL
Create hunting rule

Verdict:
Clean
Score:
70%
Link:
https://cyber-fortress.com/docs/result/index.php?id=675bb0a989dbe216234e7068linux22vpnfull_triage
Tags:
mirai
Result
Verdict:
UNKNOWN
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/a5ab20f9ff2b3eb9833d18c2d551a0737f2212bc837ed6d0e8d7311b17874211
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a5ab20f9ff2b3eb9833d18c2d551a0737f2212bc837ed6d0e8d7311b17874211/
Threat name:
Script.Downloader.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2024-12-13 03:51:04 UTC
File Type:
Text (Python)
AV detection:
3 of 24 (12.50%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=uwvsb6p7fm7ltaz5ddbnkunaon7seev4qn7nnuhi24yrwf4hiiiq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
discovery
Link:
https://tria.ge/reports/241213-eegx5sxpct/
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/a5ab20f9ff2b3eb9833d18c2d551a0737f2212bc837ed6d0e8d7311b17874211

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh a5ab20f9ff2b3eb9833d18c2d551a0737f2212bc837ed6d0e8d7311b17874211

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3346973/
  
Delivery method
Distributed via web download

Comments