MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cb5087ea9ba8740f7607f6731e690fd6739101368d86155208f1a014dafbe8ff. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: cb5087ea9ba8740f7607f6731e690fd6739101368d86155208f1a014dafbe8ff
SHA3-384 hash: fd6d7868ce3ca2cb6e36e9542f3b3683b45535b2a6a6461a4743fa06274cbb2e73c4e21cec614d846267d635e79ded56
SHA1 hash: 3e4af8c21f6b3cf2a0b250fab354c214f5f5ef49
MD5 hash: 6bf0e4ef76484e702241071ba33fb641
humanhash: sad-harry-network-lithium
File name:t
Download: download sample
File size:159 bytes
First seen:2025-11-28 18:34:16 UTC
Last seen:Never
File type:unknown
MIME type:text/x-shellscript
ssdeep 3:TKH4vewkP4ITuVCvsiNrIfVMVZa3BFSLMf6SdIfVMVpz3BFSLMvEJ46v:hlIWxE2yMfVd7DiMvgr
TLSH T150C080D513EC145C43485CDC3663C216F0505574187507304485757BC0D495DB0DDF06
TrID 70.0% (.SH) Linux/UNIX shell script (7000/1)
30.0% (.) Unix-like shebang (var.3) (gen) (3000/1)
Magika shell
Reporter abuse_ch

Intelligence

File Origin
# of uploads :
1
# of downloads :
21
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Malicious
Labled as:
TrojanDownloader/Linux.Agent
Link:
https://www.hybrid-analysis.com/sample/cb5087ea9ba8740f7607f6731e690fd6739101368d86155208f1a014dafbe8ff
Result
Gathering data
Score:
94%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/cb5087ea9ba8740f7607f6731e690fd6739101368d86155208f1a014dafbe8ff
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/cb5087ea9ba8740f7607f6731e690fd6739101368d86155208f1a014dafbe8ff/
Verdict:
Malicious
Threat:
Trojan-Downloader.Shell.Agent
Link:
https://tip.neiki.dev/file/cb5087ea9ba8740f7607f6731e690fd6739101368d86155208f1a014dafbe8ff
Gathering data
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=zniip2u3vb2a65qh6zzr42ip2zzzcajwrwdbkuqi6gqbjwx35d7q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.28
Link:
https://yomi.yoroi.company/submissions/cb5087ea9ba8740f7607f6731e690fd6739101368d86155208f1a014dafbe8ff

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

unknown cb5087ea9ba8740f7607f6731e690fd6739101368d86155208f1a014dafbe8ff

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3718806/
  
Delivery method
Distributed via web download

Comments