MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0b768ac1a55b164a39dc9af29102016a5417b6c038b427683641333881b3867b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	0b768ac1a55b164a39dc9af29102016a5417b6c038b427683641333881b3867b
SHA3-384 hash:	2961078b528b2c94d644555b88c5b3fa364ef2a4f692023bc6741785150d7d611f44c0cfc1f35026bbccbd170cef8930
SHA1 hash:	8414a70b755f1281df0f46b16d022b89c03aca08
MD5 hash:	e2d0bc211a7ae1f7550b1af20ee60894
humanhash:	mountain-lake-winner-princess
File name:	wget.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	880 bytes
First seen:	2025-06-18 23:09:53 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	24:9cs+So/csTSDocsZNIxSydcsFSIKxKcsAThcsA+9csAokJcsIRBWR/WRFcs9ex8Z:9d+So/dTSDodKSyddFSISKdAThdA+9dv
TLSH	T1F611889D1051724D4919CFCB71590B046F45CBE4F0ED9F8A6AA44733889A510B83DF0F
Magika	shell
Reporter	abuse_ch
Tags:	sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

125

Origin country :

DE

Vendor Threat Intelligence

ClamAV Detected

Detection(s):

Sanesecurity.Malware.30762.LX.BOT.UNOFFICIAL

Alert

Create hunting rule

SecuriteInfo.com.Shell.Downloader.Gen-1.UNOFFICIAL

Alert

Create hunting rule

Sanesecurity.Malware.30755.LX.BOT.UNOFFICIAL

Alert

Create hunting rule

CyberFortress Malicious

Verdict:

Malicious

Score:

92.5%

Link:

https://cyber-fortress.com/docs/result/index.php?id=6853dee57fd2eba8b33b1df9linux22vpnfull_triage

Tags:

trojan agent hype

FileScan.IO Malicious

Verdict:

Malicious

Threat level:

  10/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/685347763faf8fcd7d34e6b7/reports/d56fad74-6a49-49d3-9b1f-05d113c3bdd6/overview

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/4e830b8a-b9a6-489d-a736-223ebc7c57a6

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/0b768ac1a55b164a39dc9af29102016a5417b6c038b427683641333881b3867b

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/0b768ac1a55b164a39dc9af29102016a5417b6c038b427683641333881b3867b/

Neiki Malicious

Verdict:

Malicious

Link:

https://tip.neiki.dev/file/0b768ac1a55b164a39dc9af29102016a5417b6c038b427683641333881b3867b

ReversingLabs TitaniumCloud Win32.Trojan.Egairtigado

Threat name:

Win32.Trojan.Egairtigado

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-06-18 23:10:50 UTC

File Type:

Text (Shell)

AV detection:

14 of 24 (58.33%)

Threat level:

  5/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=bn3ivqnflmleuoo4tlzjcaqbnjkbpnwahc2co2bwieztrantqz5q._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/250618-253nvsgm8t/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Malicious File

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/0b768ac1a55b164a39dc9af29102016a5417b6c038b427683641333881b3867b