MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bcee0470e2203cd0207b119968b5dbf323e82bf8007f37f386a42c63da5e51e2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	bcee0470e2203cd0207b119968b5dbf323e82bf8007f37f386a42c63da5e51e2
SHA3-384 hash:	57a3f036d004fbbf49630b5d139108d7b9a1f1efb649e6a30209f37fc203854e594ed87498a5504608b3290fcb888a4c
SHA1 hash:	e516984b4a150c9442c1cd45e6c3e8bc2d85a16a
MD5 hash:	0580bd76ee62f44f7cdb9a9a36102b91
humanhash:	arizona-chicken-oklahoma-harry
File name:	EUROPEAN ENUIRY E261138 A001 PRODUCTSERVICE SPECIFICATIONS.rar
Download:	download sample
File size:	2'057 bytes
First seen:	2026-06-22 23:26:58 UTC
Last seen:	Never
File type:	rar
MIME type:	application/x-rar
ssdeep	48:ZS7XL9V9FSgKcMcxhCy2GO8ZMpYR/wdir9dVYqCyONnJs0P:ZS3figKcmfJpm/wK9dVY1fDs0P
TLSH	T16E414CD757B6340A78428F261CBE0A63A61A131F381DEC06A1415A5E468FECF5E1143D
TrID	61.5% (.RAR) RAR compressed archive (v5.0) (8000/1) 38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Magika	rar
Reporter	smica83
Tags:	HUN rar

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:	EUROPEAN ENUIRY E261138 A001 PRODUCTSERVICE SPECIFICATIONS.bat
File size:	3'737 bytes
SHA256 hash:	f2e301970561a994be3f55f4c146863f20a23a765dc1e56b424d51fee8822ba9
MD5 hash:	5ffbe4fbf58f8ca446da4b96f5c0b06d
MIME type:	text/plain

Vendor Threat Intelligence

Details

Link:

https://research.acce.ciphertechsolutions.com/results/07e9fc56-0fc4-4539-9513-7918f893fc23/

Detection(s):

SecuriteInfo.com.Win32.SuspectCrc.5715.30588.UNOFFICIAL

SecuriteInfo.com.Win32.SuspectCrc.12292.9521.UNOFFICIAL

Verdict:

Malicious

Score:

90.2%

Link:

https://cyber-fortress.com/docs/result/index.php?id=6a39c4ec1548daf709f9039e

Tags:

obfuscate xtreme shell

Verdict:

Likely Malicious

Threat level:

7.5/10

Confidence:

100%

Tags:

base64 encrypted obfuscated powershell

Link:

https://www.filescan.io/uploads/6a39c4e862d0679105fc5185/reports/4a802a47-30d1-49cf-804a-7b0f65d1bb53/overview

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/bcee0470e2203cd0207b119968b5dbf323e82bf8007f37f386a42c63da5e51e2

Verdict:

Unknown

File Type:

rar

Link:

https://opentip.kaspersky.com/bcee0470e2203cd0207b119968b5dbf323e82bf8007f37f386a42c63da5e51e2/results?tab=lookup

Gathering data

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/bcee0470e2203cd0207b119968b5dbf323e82bf8007f37f386a42c63da5e51e2/

Threat name:

Script-PowerShell.Trojan.Heuristic

Status:

Malicious

First seen:

2026-06-22 18:03:21 UTC

File Type:

Binary (Archive)

Extracted files:

AV detection:

6 of 24 (25.00%)

Threat level:

2/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=xtxai4hcea6naid3cgmwrno36mr6qk7yab7tp44guqwghws6khra._file

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/bcee0470e2203cd0207b119968b5dbf323e82bf8007f37f386a42c63da5e51e2

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample