MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bedecb838890d650c0e90334d2110251089d7d661c26f17179d90763b99ccd14. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	bedecb838890d650c0e90334d2110251089d7d661c26f17179d90763b99ccd14
SHA3-384 hash:	713559ddfe2d398a79b1317f4f2dd4d61456a9b05a6500ff4692b9c911f8359365f5a4a91c347e12cb6ffd654666f7c1
SHA1 hash:	94ce12c88011c146b2ff9e533d46194fc7add34f
MD5 hash:	0fa5caf302a4d6cf2b1e6b75df950d03
humanhash:	queen-missouri-don-east
File name:	build.sh
Download:	download sample
File size:	2'811 bytes
First seen:	2025-12-27 16:52:55 UTC
Last seen:	Never
File type:	sh
MIME type:	text/x-shellscript
ssdeep	48:A2AuwpKXg5YyHvIu7eUYBzMKZfT+8DbmW4TVqTIbHyF2dxEESm6cq10kTdrRq:A2vwpKXg5YyHv37eU6RZL+8H14TVk2Hf
TLSH	T11251E43A724D7D43405308E32F7EB35BA3A6E0FE3F250D998027A6538A67AD91027579
TrID	70.0% (.SH) Linux/UNIX shell script (7000/1) 30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika	shell
Reporter	abuse_ch
Tags:	sh

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

No detections

Verdict:

Unknown

Threat level:

2.5/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/69500efa84afa5547b5ecf1b/reports/59a2379b-2b2f-479f-b058-cc72d03dfb16/overview

Verdict:

Clean

File Type:

unix shell

First seen:

2025-12-27T14:02:00Z UTC

Last seen:

2025-12-27T14:55:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/bedecb838890d650c0e90334d2110251089d7d661c26f17179d90763b99ccd14/results?tab=lookup

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/df6b95e4-5b34-4e52-a5cf-90035197c422

Behavior Graph:

Download SVG

Score:

Verdict:

Benign

File Type:

SCRIPT

Link:

https://malprob.io/report/bedecb838890d650c0e90334d2110251089d7d661c26f17179d90763b99ccd14

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/bedecb838890d650c0e90334d2110251089d7d661c26f17179d90763b99ccd14/

Verdict:

Clean

Link:

https://tip.neiki.dev/file/bedecb838890d650c0e90334d2110251089d7d661c26f17179d90763b99ccd14

Threat name:

Text.Trojan.Generic

Status:

Suspicious

First seen:

2025-10-06 16:08:53 UTC

File Type:

Text (Shell)

AV detection:

3 of 24 (12.50%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=x3pmxa4isdlfbqhjam2neeickeej27lgdqtpc4lz3edwhom4zuka._file

Result

Malware family:

n/a

Score:

3/10

Tags:

discovery linux

Link:

https://tria.ge/reports/251227-vd25paypdt/

Behaviour

Reads runtime system information

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

0.80

Link:

https://yomi.yoroi.company/submissions/bedecb838890d650c0e90334d2110251089d7d661c26f17179d90763b99ccd14

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh bedecb838890d650c0e90334d2110251089d7d661c26f17179d90763b99ccd14

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3744820/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample