MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ef26f060d76f8877c4abaee3972513eec28aa8bdbc1b289d4ea94b4748faa7f1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ef26f060d76f8877c4abaee3972513eec28aa8bdbc1b289d4ea94b4748faa7f1
SHA3-384 hash: 6f85b280174502fbab1e709044a0eb2eb93aa3b71e4de17ae1dc4eede6c17573037411889b9cd8c0e638e0e135d71f55
SHA1 hash: 184a51238737a4c342cc609904ee6d94fc79067b
MD5 hash: de2f048fa012006a9fd9c2c43ab7f4ab
humanhash: california-july-freddie-avocado
File name:oss.sh
Download: download sample
File size:4'040 bytes
First seen:2025-05-06 08:36:15 UTC
Last seen:Never
File type: sh
MIME type:text/x-shellscript
ssdeep 48:LsWr4nevJ3D3BP6SC1E0rYTs2B/pdV/0U8K3c//Qk66S9EfIekd/VFz/L3YzKLdn:LsWr4neRzRPz0radV/spbK3zTZxBcyZ
TLSH T1D4811E59708071F022CE82715FCA28197140414FA964393EB9DE9AB46FF4B9C56F8AB5
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
1
# of downloads :
80
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
82.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6819cac2432e243ac3e48501linux22vpnfull_triage
Tags:
n/a
Verdict:
Unknown
Threat level:
  2.5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6819ca34d95f3e34e961a487/reports/8343d3d6-9d83-4133-a9f6-eedffd663743/overview
Score:
10%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/ef26f060d76f8877c4abaee3972513eec28aa8bdbc1b289d4ea94b4748faa7f1
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ef26f060d76f8877c4abaee3972513eec28aa8bdbc1b289d4ea94b4748faa7f1/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=54tpaygxn6ehprflv3rzojit53bivkf5xqnsrhkovffuosh2u7yq._file
Result
Malware family:
n/a
Score:
  6/10
Tags:
antivm discovery execution linux
Link:
https://tria.ge/reports/250506-kh694axzas/
Behaviour
Command and Scripting Interpreter: Unix Shell
Process Discovery
Reads runtime system information
System Network Configuration Discovery
Checks CPU configuration
Reads CPU attributes
Enumerates running processes
Looks up external IP address via web service
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/ef26f060d76f8877c4abaee3972513eec28aa8bdbc1b289d4ea94b4748faa7f1

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh ef26f060d76f8877c4abaee3972513eec28aa8bdbc1b289d4ea94b4748faa7f1

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3480607/
  
Delivery method
Distributed via web download

Comments