MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d37c936e77e3b9185190ce906a551416baa4273e2aafced63a900b3438ef5c06. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: d37c936e77e3b9185190ce906a551416baa4273e2aafced63a900b3438ef5c06
SHA3-384 hash: 2cb553863d0810f0c598cacbee92a3bc4d35e83ad4e63994f2d412cddb65668c15707c269197e17f214be1e1d27aca09
SHA1 hash: e2ea258218a37d154a6ad58377792f69c94316c5
MD5 hash: 2d1ad7809f97c8eac4ffd1874c467eae
humanhash: island-ohio-nevada-blue
File name: m
File size: 554 bytes
First seen: 2026-03-01 09:20:22 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 12:MquhRnFxvhsHBTedyWSpWnqxr/ABXWBDZ9zlKpNYHj6X:MfnnDhkBedyWiWIr/smBDZhPD6X
TLSH: T1B8F0E14014C0BC7423F81CA89185460ED0B63BB196DB3F1877D267F18B670407109AC5
Magika: shell
Reporter: abuse_ch
Tags: sh
URL | Malware sample (SHA256 hash) | Signature | Tags
http://ext-checkdin.vercel.app/api/tokenl | n/a | n/a | n/a

Intelligence


File Origin
# of uploads: 1
# of downloads: 62
Origin country: DE
Vendor Threat Intelligence
No detections
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: base64 bash lolbin obfuscated
Status: terminated
Behavior Graph:
/usr/bin/sudo (pid=2899) -> /tmp/sample.bin (pid=2905) [execve]
/tmp/sample.bin (pid=2905) -> /usr/bin/mkdir (pid=2907) [execve]
/tmp/sample.bin (pid=2905) -> /usr/bin/clear (pid=2909) [execve]
Threat name: Text.Trojan.Generic
Status: Suspicious
First seen: 2026-03-01 10:11:08 UTC
File Type: Text (Shell)
AV detection: 3 of 24 (12.50%)
Threat level: 5/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download: sh d37c936e77e3b9185190ce906a551416baa4273e2aafced63a900b3438ef5c06 (this sample)
Delivery method: Distributed via web download
