Yeah, I’ve tested samples from URLhaus.
Browser Protection &or Auto-Protect block samples.
Note: same sample here minutes later with Browser Protection disabled…as test
c52467a3889e/2024-11-19T21:13:25.272Z
Threat name: ELF:Agent-BSC [Cryp]
Threat type: Cryptic - This threat is heavily disguised to hide its malicious actions.
Status: Moved to Quarantine
Options: Report as false positive
Detected by: Auto-Protect
On PC from: 11/19/24
Last Used: 11/19/24
Startup Item: No
Unknown
It is unknown how many users in the Norton Community have used this file.
Mature
This file was released 4 years ago.
High
The file risk is high.
Origin
Downloaded from: http://182.nnn.nnn.172:58366/bin.sh
Activity
Path | Type | Status
C:\User\user\Edge\user\current\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_001425 | File | Repaired
===================================
Download Intelligence → No event found