MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5c595e7a065f3c2c6461ccf2f084b81020cd3aed5e2539960d21453af7b11756. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 5c595e7a065f3c2c6461ccf2f084b81020cd3aed5e2539960d21453af7b11756
SHA3-384 hash: ed0f04ec187fe1b6453e7dc1215897b6a0e8fee2a93563fc7567f2a59298d46865962edd434b12ccf66e245d113affde
SHA1 hash: e74b584e819e0d9ddf38bed12a152f9fb41e2f4a
MD5 hash: a271b67a20aa571427de46b3da870ec1
humanhash: item-uniform-video-glucose
File name:sora.sh
Download: download sample
File size:2'404 bytes
First seen:2026-04-19 16:15:28 UTC
Last seen:2026-04-20 07:12:01 UTC
File type: sh
MIME type:text/plain
ssdeep 48:PXwHsIJBYa82C96GNpYMzvmgT1kC/B10Cs/CVbLuH5VS1v75//X9W5B13JAKo1vO:YHsIJBD8t4qWi+WWQUB/CxLgVK75/v98
TLSH T1E341114A2522BC276F4796B6CEABF7DD306335D3D2209498B0CD69512F6D1103B94A05
Magika shell
Reporter abuse_ch
Tags:sh

Intelligence

File Origin
# of uploads :
120
# of downloads :
7
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Malicious
File Type:
unix shell
First seen:
2026-04-19T13:07:00Z UTC
Last seen:
2026-04-21T07:06:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/5c595e7a065f3c2c6461ccf2f084b81020cd3aed5e2539960d21453af7b11756/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/2c660876-1c25-4aa9-97a4-2a189506dc36
Behavior Graph:
Download SVG
%3
Score:
6%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/5c595e7a065f3c2c6461ccf2f084b81020cd3aed5e2539960d21453af7b11756
Gathering data
Threat name:
Linux.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2026-04-19 14:46:55 UTC
File Type:
Text (Shell)
AV detection:
4 of 24 (16.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=lrmv46qgl46cyzdbztzpbbfycaqm2oxnlysttfqnefctv55rc5la._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

sh 5c595e7a065f3c2c6461ccf2f084b81020cd3aed5e2539960d21453af7b11756

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3826007/
  
Delivery method
Distributed via web download

Comments