MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a73c2b6f5b035a7ad2b85792283a5aa4e855a616575ad56b0b9db17d136c8ce9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a73c2b6f5b035a7ad2b85792283a5aa4e855a616575ad56b0b9db17d136c8ce9
SHA3-384 hash: 9670110b9d251c5cd7e55c8fc178d8556b2b2137046280f39cdfe3b9bd916e562ee8beb79f6c6dcab7814122d7cbfb85
SHA1 hash: 1d8869264435bb5c35357334a96040b350ac21d5
MD5 hash: db2fd0821e5e34a7371a0c1cfe660e3f
humanhash: oregon-fifteen-sad-equal
File name:file
Download: download sample
File size:853 bytes
First seen:2026-03-27 04:11:13 UTC
Last seen:2026-03-27 05:37:28 UTC
File type:Batch (bat) bat
MIME type:text/x-msdos-batch
ssdeep 12:w7706Q/YIUp1snq3lWuNJsN8s2Vr03rVJ8kVJzv:w7706Q/YIUp1snyU2pCf8SD
TLSH T14F012D61354822A161B3877D9EC640C9DF9C8557A5711CBB3C0C90FADFB29635233BC9
Magika batch
Reporter Bitsight
Tags:bat dropped-by-amadey fbf543


Avatar
Bitsight
url: http://192.177.26.196/files/8316621590/eeNfuRg.msi

Intelligence

File Origin
# of uploads :
96
# of downloads :
18
Origin country :
US US
Vendor Threat Intelligence
Malware configuration found for:
BatchScript
Details
BatchScript
varying reportable information from embedded commands and any observed URLs
Link:
https://research.acce.ciphertechsolutions.com/results/b313d0e9-4997-4a89-9d48-98c97e5dfeea/
Detection(s):
SecuriteInfo.com.PUA.IA.Suspicious.67513997.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
90.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69c62ff5390b996474142584
Tags:
shell sage
Result
Verdict:
Clean
Maliciousness:
Verdict:
Unknown
Threat level:
  2.5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/69c62ff22346b9da57aa8d8a/reports/fea48792-1358-4015-8c8a-65ecb3d6ece3/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/a73c2b6f5b035a7ad2b85792283a5aa4e855a616575ad56b0b9db17d136c8ce9
Result
Gathering data
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/a73c2b6f5b035a7ad2b85792283a5aa4e855a616575ad56b0b9db17d136c8ce9
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a73c2b6f5b035a7ad2b85792283a5aa4e855a616575ad56b0b9db17d136c8ce9/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=u46cw323annhvuvyk6jcqos2utufljqwk5nnk2yltwyx2e3mrtuq._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/260327-h6rs7sby7n/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/a73c2b6f5b035a7ad2b85792283a5aa4e855a616575ad56b0b9db17d136c8ce9

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Batch (bat) bat a73c2b6f5b035a7ad2b85792283a5aa4e855a616575ad56b0b9db17d136c8ce9

(this sample)

  
Dropped by
Amadey
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3805980/
  
URLhaus
https://urlhaus.abuse.ch/url/3805997/
  
URLhaus
https://urlhaus.abuse.ch/url/3806000/
  
URLhaus
https://urlhaus.abuse.ch/url/3806002/
  
URLhaus
https://urlhaus.abuse.ch/url/3806003/
  
URLhaus
https://urlhaus.abuse.ch/url/3806010/
  
URLhaus
https://urlhaus.abuse.ch/url/3806017/
  
URLhaus
https://urlhaus.abuse.ch/url/3805987/

Comments