MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 eb24975b85b8cefceaa7089bc8acfacf75e9ad440d1fb39ad9a4dc98ddc33d98. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: eb24975b85b8cefceaa7089bc8acfacf75e9ad440d1fb39ad9a4dc98ddc33d98
SHA3-384 hash: 18ecc5481842961cc0f912227e8d8fa0f0076e2eb7430ef375b4d7b6633fccfd0aceeb58d705725fbe8ccaee3921918b
SHA1 hash: fabf4e7865cf19fda09b8df251eaa92187ad83df
MD5 hash: 1b2070a1579bccf097e446f5dc17d0d3
humanhash: aspen-mobile-foxtrot-mango
File name:w
Download: download sample
File size:4'572 bytes
First seen:2024-11-07 21:36:43 UTC
Last seen:Never
File type: sh
MIME type:text/plain
ssdeep 96:1xZYcLaocE1X25FIAzaUg8xXERdXPjETFv:bTX25FIAzav8xXEzXPjETFv
TLSH T1F59104CC39611F324C13EF1CF76189A2E093D4A904A08FD974AD71BCB9BED86DA94947
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
84
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Malware.30790.LX.BOT.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.Linux.Downloader-29.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.Linux.Downloader-6.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=672dc10ba5bee3c9d42bb413linux22vpnfull_triage
Tags:
mirai agent virus sage
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/672d32ff53112d61aaa9244c/reports/e9fc723f-1350-467b-91a8-7cb1b14e46d2/overview
Verdict:
Malicious
Labled as:
Linux.Medusa.C.Generic
Link:
https://www.hybrid-analysis.com/sample/eb24975b85b8cefceaa7089bc8acfacf75e9ad440d1fb39ad9a4dc98ddc33d98
Result
Verdict:
MALICIOUS
Score:
62%
Verdict:
Susipicious
File Type:
SCRIPT
Link:
https://malprob.io/report/eb24975b85b8cefceaa7089bc8acfacf75e9ad440d1fb39ad9a4dc98ddc33d98
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/eb24975b85b8cefceaa7089bc8acfacf75e9ad440d1fb39ad9a4dc98ddc33d98/
Threat name:
Linux.Downloader.Medusa
Create hunting rule
Status:
Malicious
First seen:
2024-11-07 12:50:40 UTC
File Type:
Text (Shell)
AV detection:
18 of 38 (47.37%)
Threat level:
  3/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=5msjow4fxdhpz2vhbcn4rlh2z526tlkebup3hgwzutojrxodhwma._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/eb24975b85b8cefceaa7089bc8acfacf75e9ad440d1fb39ad9a4dc98ddc33d98

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh eb24975b85b8cefceaa7089bc8acfacf75e9ad440d1fb39ad9a4dc98ddc33d98

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3281038/
  
Delivery method
Distributed via web download

Comments