MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5bfd06796042180974d845a4f02101dedbb2649af20493895f6d48c010d6291c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	5bfd06796042180974d845a4f02101dedbb2649af20493895f6d48c010d6291c
SHA3-384 hash:	f291e45c6776a52bedb69e1149ef6f9da74da5116af8ebea58e72059c3daa6d88d8567179e16280ede4ddbc1f9a10f7c
SHA1 hash:	8f185439ff0a9d4fb13ffd4e01d25f7f76268378
MD5 hash:	f6eadf5b3abf558056c1093669983b2a
humanhash:	vegan-fifteen-lithium-floor
File name:	wget.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	822 bytes
First seen:	2025-11-23 10:10:29 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	12:yhGYrNIl5Z0LKB+OF+jMuTtjiSOZsteA7Vn:bYrNI7wKB+I+jzT5il6teA5n
TLSH	T1740133DEF27162A206848DA5B0694864A534F3D833704B1ADCD604FAC4E574831B7E6F
Magika	txt
Reporter	abuse_ch
Tags:	mirai sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

34

Origin country :

DE

Vendor Threat Intelligence

ClamAV Detected

Detection(s):

Sanesecurity.Malware.32160.LX.BOT.UNOFFICIAL

Alert

Create hunting rule

FileScan.IO Malicious

Verdict:

Malicious

Threat level:

  10/10

Confidence:

100%

Tags:

evasive mirai

Link:

https://www.filescan.io/uploads/6922e49aeecb08e4aa45aa29/reports/a052e3ef-ff4e-45a6-a839-ac5363e77358/overview

Kaspersky OpenTIP Malicious

Verdict:

Malicious

File Type:

text

First seen:

2025-11-23T00:34:00Z UTC

Last seen:

2025-11-23T06:18:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/5bfd06796042180974d845a4f02101dedbb2649af20493895f6d48c010d6291c/results?tab=lookup

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/c08fa2ff-0b4f-440e-a487-5e19d69d4091

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/5bfd06796042180974d845a4f02101dedbb2649af20493895f6d48c010d6291c

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/5bfd06796042180974d845a4f02101dedbb2649af20493895f6d48c010d6291c/

ReversingLabs TitaniumCloud Linux.Trojan.Vigorf

Threat name:

Linux.Trojan.Vigorf

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-11-23 05:29:03 UTC

File Type:

Text (Shell)

AV detection:

19 of 38 (50.00%)

Threat level:

  5/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=lp6qm6laiimas5gyiwspaiib33n3eze26icjhck7nvemaegwfeoa._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/251123-mszzwafk2x/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/5bfd06796042180974d845a4f02101dedbb2649af20493895f6d48c010d6291c