MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 faca3d0ea788c16d4fef5a906229fc9a1a9f529e1c119b7e25469ea2b4046f4f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: faca3d0ea788c16d4fef5a906229fc9a1a9f529e1c119b7e25469ea2b4046f4f
SHA3-384 hash: f93577a2630199a7ac9da2224720d89a763ba556817de32c0d7d23b803b9c4d8ab595b66a4ea48d5334b2a1020a1d14f
SHA1 hash: 8203ead35bbeda0e9c088009c3a524ce7eb34321
MD5 hash: d9aabfd9df5e9013f3ef22c57ce56069
humanhash: magnesium-five-october-south
File name: faca3d0ea788c16d4fef5a906229fc9a1a9f529e1c119b7e25469ea2b4046f4f.sh
File size: 9'736 bytes
First seen: 2026-02-22 16:40:57 UTC
Last seen: Never
File type: sh
MIME type: text/plain
ssdeep: 96:cCuosht+O+v1fsn+h4+tIiKqCTyOysYtujtuHKNpUj4waYvj2Cptps:cCul4hvZ5m5FG4j4HKNpiva
TLSH: T1B512353B21F08732D3C450DA52A61A654E72A70B452614B5F4FEA336AF2C90731E7F65
Magika: xml
Reporter: abuse_ch
Tags: sh

Intelligence


File Origin
# of uploads: 1
# of downloads: 56
Origin country: DE
Vendor Threat Intelligence
No detections
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: evasive
Result
Gathering data
Verdict: Malicious
File Type: text
Detections: HEUR:Trojan-Downloader.Shell.Agent.a
Status: terminated
Behavior Graph: /usr/bin/sudo (pid 2828) -> execve -> /tmp/sample.bin (pid 2834)
Verdict: Malicious
Threat: Trojan-Downloader.Shell.Agent
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Modifies registry class
Suspicious use of SetWindowsHookEx
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh faca3d0ea788c16d4fef5a906229fc9a1a9f529e1c119b7e25469ea2b4046f4f

(this sample)

  
Delivery method
Distributed via web download
