MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c8bad9a0c07276d54666aba8dcfea675f51ccbb95f4644c6f1eaf9fd66bc6c9e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c8bad9a0c07276d54666aba8dcfea675f51ccbb95f4644c6f1eaf9fd66bc6c9e
SHA3-384 hash: 4c0da53ec816d3a82e2ce90529f502fc37d6fdd1572ccc5524e64df79cd739d7faf0a108546cd25293bb5492692674c0
SHA1 hash: 38f5266a023a4d7a8a67781fa6134bc5fb32d9bb
MD5 hash: 82360e95b621efb00d244c8c47978fe1
humanhash: bravo-spring-ack-earth
File name:rainbow.jpg
Download: download sample
File size:539 bytes
First seen:2024-11-13 19:33:02 UTC
Last seen:2025-02-21 11:33:33 UTC
File type: sh
MIME type:text/x-shellscript
ssdeep 12:VD1Lt6s4MPp7ZmfgOA0jR3L1gKbdPOTxBnu7rV/FxUQr1:VD1MsRh7ZmfXAWdbhri+
TLSH T157F0204A1140FC03158A4839FA31CCF4606C5CDD0A602D38B100275B14CE23E36EA088
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
2
# of downloads :
75
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.BV.Agent-BYO.19528.7595.UNOFFICIAL
Create hunting rule

Verdict:
Clean
Score:
70%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67351b5a34b6906b34829b6clinux22vpnfull_triage
Tags:
malware
Verdict:
Unknown
Threat level:
  2.5/10
Confidence:
100%
Tags:
masquerade
Link:
https://www.filescan.io/uploads/6734ff3e0448e793575117ba/reports/ada0f13b-a1cd-4bd4-9624-a90ffec4fb75/overview
Score:
26%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/c8bad9a0c07276d54666aba8dcfea675f51ccbb95f4644c6f1eaf9fd66bc6c9e
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c8bad9a0c07276d54666aba8dcfea675f51ccbb95f4644c6f1eaf9fd66bc6c9e/
Threat name:
Text.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2024-11-13 19:34:11 UTC
File Type:
Text (Shell)
AV detection:
1 of 38 (2.63%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=zc5ntigaoj3nkrtgvounz7vgox2rzs5zl5dejrxr5l472zv4nspa._file
Result
Malware family:
n/a
Score:
  7/10
Tags:
defense_evasion linux
Link:
https://tria.ge/reports/241113-x933zayckk/
Behaviour
Writes file to tmp directory
File and Directory Permissions Modification
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/c8bad9a0c07276d54666aba8dcfea675f51ccbb95f4644c6f1eaf9fd66bc6c9e

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh c8bad9a0c07276d54666aba8dcfea675f51ccbb95f4644c6f1eaf9fd66bc6c9e

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3230703/
  
Delivery method
Distributed via web download

Comments