MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e3df07460477dc19617e3e815fbd3c8493dce75d447a49eb3bc04d09cc79eb70. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 5

Intelligence 5 IOCs YARA File information Comments

SHA256 hash:	e3df07460477dc19617e3e815fbd3c8493dce75d447a49eb3bc04d09cc79eb70
SHA3-384 hash:	aeee85d001adbe1cbfd1b66874c7247542af1d71e8d7ed02bb5cf696510a4a5c0663e56119999244803e7f2cbc087634
SHA1 hash:	0fbaacc233392313e3117f155383b5c47dc20643
MD5 hash:	dfe6c6d8620413f75a914a2d82a825a1
humanhash:	snake-wyoming-jersey-monkey
File name:	bins.sh
Download:	download sample
File size:	1'605 bytes
First seen:	2025-11-22 22:30:48 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	24:lYq8ogBc4obxCNIdBPGYVfdxbpXssoKxpamafNaoPv:lZ8og64obxdBOYtdxbpXsso6wrfEoX
TLSH	T16731A1C471725AB68AE0FEB7B0A9B58CBBE540CF2907EEAE78C025ED405DD0469003E1
Magika	batch
Reporter	abuse_ch
Tags:	sh

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Verdict:

Suspicious

Threat level:

5/10

Confidence:

100%

Tags:

evasive

Link:

https://www.filescan.io/uploads/692239b86a9db4642e0e778c/reports/02109779-b34b-4241-8532-469b6e5baca7/overview

Result

Gathering data

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/37c2b592-cab2-4fef-9d73-21d6e8d2f3eb

Behavior Graph:

Download SVG

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/e3df07460477dc19617e3e815fbd3c8493dce75d447a49eb3bc04d09cc79eb70

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/e3df07460477dc19617e3e815fbd3c8493dce75d447a49eb3bc04d09cc79eb70/

Threat name:

Script-Shell.Worm.Mirai

Status:

Malicious

First seen:

2025-11-22 22:31:24 UTC

File Type:

Text (Shell)

AV detection:

5 of 36 (13.89%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=4ppqorqeo7obsyl6h2av7pj4qsj5zz25ir5et2z3ybgqttdz5nya._file

Result

Malware family:

n/a

Score:

3/10

Tags:

n/a

Link:

https://tria.ge/reports/251122-2fhmdsfk2x/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh e3df07460477dc19617e3e815fbd3c8493dce75d447a49eb3bc04d09cc79eb70

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3714385/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample