MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b6b7d304d1af5ccce2da4c7544e8f12a791e16bc020662f10c13660e445505a9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6



SHA256 hash: b6b7d304d1af5ccce2da4c7544e8f12a791e16bc020662f10c13660e445505a9
SHA3-384 hash: 85899c2967f05db0f613eb05ed0ab70a8f77c9b3528003763c94547103ce369eedb96f981e29b107eb5d301c63f79952
SHA1 hash: b27188ff64b42d93a9dba967fb7d00fdacd34516
MD5 hash: 9764f03106217b08ab7cccc009144059
humanhash: east-lamp-harry-skylark
File name: create.py
File size: 5'260 bytes
First seen: 2025-02-25 17:17:50 UTC
Last seen: Never
File type:
MIME type:text/plain
ssdeep 96:1u6d+u8UZOvOc4cacx1NeLCc8gyYx+iiqLP:BAfx1NeLCcXyYxPiqLP
TLSH T176B147997A214B720CA8DFD2F2218131B243D19F84D7CFCA76BD70BCAEBDE54A514606
Magika: txt
Reporter: abuse_ch
Tags: py

Intelligence


File Origin
# of uploads: 1
# of downloads: 83
Origin country: DE
Vendor Threat Intelligence
Result
Verdict: UNKNOWN
Threat name: Win32.Trojan.Generic
Status: Malicious
First seen: 2025-02-25 17:18:16 UTC
File Type: Text (Shell)
AV detection: 10 of 24 (41.67%)
Threat level: 5/5
Result
Malware family: n/a
Score: 3/10
Tags: discovery
Behaviour
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

b6b7d304d1af5ccce2da4c7544e8f12a791e16bc020662f10c13660e445505a9 (this sample)

Delivery method: Distributed via web download
