MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 aa8fdbdea3e110fd3e9d1255e2d7acbd5239175adb2db35a099391a4a988adb6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Threat unknown
Vendor detections: 8
| SHA256 hash: | aa8fdbdea3e110fd3e9d1255e2d7acbd5239175adb2db35a099391a4a988adb6 |
|---|---|
| SHA3-384 hash: | f03b364c62ab606511542308b4f2b510fa6da0ad4da02f8eb0bd3044d021c6b06c98b80e5c85d5591e3b197a59b155c7 |
| SHA1 hash: | 85db10cdd4c6bac108db633d8f09e1dd09a6a270 |
| MD5 hash: | 76f21ed0577f7a1ed0bf28a543a623ec |
| humanhash: | mobile-saturn-echo-muppet |
| File name: | aa8fdbdea3e110fd3e9d1255e2d7acbd5239175adb2db35a099391a4a988adb6 |
| Download: | download sample |
| File size: | 27'367 bytes |
| First seen: | 2026-02-21 06:05:45 UTC |
| Last seen: | Never |
| File type: | |
| MIME type: | text/x-perl |
| ssdeep | 384:4JjsevQ4rDp2q7wuGNqkQ2fy4U+07kL3lT:4lsevQ4rDp2q7hGNqzZo0oL3N |
| TLSH | T14FC2964929E3891272BBF0765BDEA019776F81C7470CCE147D6C829AAF90039D1F8AC8 |
| TrID | 50.0% (.) Unix-like shebang (var.1) (gen) (7000/1) 28.5% (.PL) Perl script (4000/1/1) 21.4% (.) Unix-like shebang (var.3) (gen) (3000/1) |
| Magika | perl |
| Reporter | |
| Tags: | pl |
Intelligence
File Origin
# of uploads :
1
# of downloads :
91
Origin country :
AUVendor Threat Intelligence
No detections
Verdict:
Malicious
Score:
99.1%
Link:
Tags:
shellbot virus
Verdict:
Malicious
Threat level:
10/10
Confidence:
100%
Tags:
perlbot shellbot shellshock
Verdict:
Malicious
Labled as:
Backdoor.Perl.Shellbot
Result
Gathering data
Score:
99%
Verdict:
Malware
File Type:
SCRIPT
Verdict:
Malicious
Threat:
Backdoor.Perl.IRCBot
Gathering data
Detection(s):
Suspicious file
Result
Malware family:
n/a
Score:
4/10
Tags:
discovery linux
Behaviour
System Network Configuration Discovery
Changes its process name
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
0.95
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Web download
aa8fdbdea3e110fd3e9d1255e2d7acbd5239175adb2db35a099391a4a988adb6
(this sample)
Delivery method
Distributed via web download
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.wget -O /home/ubuntu/captured_binaries/elox3 http://80.94.92.89/elox3