MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 163a2c04fa5a1a8607a3aa00791c044bf68f7b20d610d555f9991aca861028ac. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	163a2c04fa5a1a8607a3aa00791c044bf68f7b20d610d555f9991aca861028ac
SHA3-384 hash:	509bec5aacbaeaf6f6de9d64f1449a6e7648f4d95b1713c32d7cd364e6bb97e8fde6f73675c9c85e48102528991e5de7
SHA1 hash:	402ef77ef8aa8eaab8f30c13e377ae43126e1aa9
MD5 hash:	310fad1251675a0cd1eb104dec70489d
humanhash:	east-ceiling-indigo-ohio
File name:	wget.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	810 bytes
First seen:	2025-08-21 07:52:23 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	24:h93Yk8NI7tEK99+Ih2jyOT5QHlJaturJgksn:TYiuRI4f50U
TLSH	T15C0125DE67B271624E88CE64606944C49536E2D032D80F6EDCC62CF3C8E97013235E7B
Magika	txt
Reporter	abuse_ch
Tags:	mirai sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

30

Origin country :

DE

Vendor Threat Intelligence

ClamAV Detected

Detection(s):

Sanesecurity.Malware.32160.LX.BOT.UNOFFICIAL

Alert

Create hunting rule

FileScan.IO Malicious

Verdict:

Malicious

Threat level:

  10/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/68a6d128a4bdac9f5ba269fd/reports/af7c874d-3969-4c1a-9322-84fc1392bfff/overview

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/19228250-188c-48a5-ba4b-bf768c73e1d8

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/163a2c04fa5a1a8607a3aa00791c044bf68f7b20d610d555f9991aca861028ac

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/163a2c04fa5a1a8607a3aa00791c044bf68f7b20d610d555f9991aca861028ac/

Neiki Family.MIRAI

Verdict:

Malicious

Threat:

Family.MIRAI

Link:

https://tip.neiki.dev/file/163a2c04fa5a1a8607a3aa00791c044bf68f7b20d610d555f9991aca861028ac

ReversingLabs TitaniumCloud Linux.Trojan.Alevaul

Threat name:

Linux.Trojan.Alevaul

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-08-21 06:35:33 UTC

File Type:

Text (Shell)

AV detection:

20 of 38 (52.63%)

Threat level:

  5/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=cy5cybh2linimb5dviahshaejp3i66za2yinkvpztenmvbqqfcwa._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/250821-jrg6wsgr6y/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/163a2c04fa5a1a8607a3aa00791c044bf68f7b20d610d555f9991aca861028ac