MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 589f17d65355981d3e0cd07f65899e46ab04db56b990ee4d0d4fd02af918d91b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	589f17d65355981d3e0cd07f65899e46ab04db56b990ee4d0d4fd02af918d91b
SHA3-384 hash:	1e9183ad01f0c5a2d484df7b9df7e019924d4e9029ec49d7f0a0eecd25ee7da5bb3faaeee4f48b79b871fb0d7fcd2412
SHA1 hash:	0197cffa43cc90c6d033ecf3f9a9dbd581ffd706
MD5 hash:	76b01a84f3616fa7b587e09c0734a49c
humanhash:	maryland-oven-oscar-nine
File name:	giga.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	765 bytes
First seen:	2025-10-24 19:53:22 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	12:ARaxWR4cYRhNIjlT4/RqiKl2QFYp6SQT9WKFG10WTbFPI/psluv:iaxE4c6hNIpMJHKljE6dWksluv
TLSH	T17A0180FF5026172503408E4DA069C9047067DBE7B2B0DF9C9884B8325EC6576B073F87
Magika	shell
Reporter	abuse_ch
Tags:	mirai sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

41

Origin country :

DE

Vendor Threat Intelligence

FileScan.IO Malicious

Verdict:

Malicious

Threat level:

  10/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/68fbd93a3a79800405f5535b/reports/7dd6910a-4a07-45ad-8c45-7cd33712e740/overview

Kaspersky OpenTIP Malicious

Verdict:

Malicious

File Type:

ps1

First seen:

2025-10-24T17:32:00Z UTC

Last seen:

2025-10-24T21:47:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/589f17d65355981d3e0cd07f65899e46ab04db56b990ee4d0d4fd02af918d91b/results?tab=lookup

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/1539e868-9fc8-451e-a033-7b41305f3dc0

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/589f17d65355981d3e0cd07f65899e46ab04db56b990ee4d0d4fd02af918d91b

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/589f17d65355981d3e0cd07f65899e46ab04db56b990ee4d0d4fd02af918d91b/

ReversingLabs TitaniumCloud Document-HTML.Downloader.Heuristic

Threat name:

Document-HTML.Downloader.Heuristic

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-10-24 19:54:33 UTC

File Type:

Text (Shell)

AV detection:

12 of 24 (50.00%)

Threat level:

  2/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=lcprpvstkwmb2pqm2b7wlcm6i2vqjw2wxgio4tinj7icv6iy3enq._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/251024-yl8h8a1jd1/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/589f17d65355981d3e0cd07f65899e46ab04db56b990ee4d0d4fd02af918d91b