MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8df3986c1c1391c6e7e765c2ceca28e0d4286a2edf54119d352b38d35ec2f583. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	8df3986c1c1391c6e7e765c2ceca28e0d4286a2edf54119d352b38d35ec2f583
SHA3-384 hash:	ef40ceb077c2420c02fe940fb1c29af59cc7e0a9cce2db84a16c13caff2ebe93811f21189a0a62daaa7ece20142e2aa6
SHA1 hash:	6787222de811e946f90029a4056370ef19c94b28
MD5 hash:	681073504e2d8e2e0c1a0ba0ce9c48e6
humanhash:	spring-johnny-salami-carbon
File name:	wget.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	1'149 bytes
First seen:	2025-07-09 08:50:21 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	24:2NC3gNBI3NuNNIUuiupNn4K6x9mr8xjGp6NmBpE27d6oCSdV2fxn:2nOY2Hpuz9mr8xjGp6NmBpE27d6ondV0
TLSH	T17221FC894E23D04B543C8F21E09B4769479E86C2F0B46E65698E4C77948DB04B438F5B
Magika	txt
Reporter	abuse_ch
Tags:	sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

24

Origin country :

DE

Vendor Threat Intelligence

ClamAV Detected

Detection(s):

SecuriteInfo.com.Shell.Downloader.Gen-1.UNOFFICIAL

Alert

Create hunting rule

CyberFortress Malicious

Verdict:

Malicious

Score:

92.5%

Link:

https://cyber-fortress.com/docs/result/index.php?id=686e2d63900df8e7f868eec0linux22vpnfull_triage

Tags:

n/a

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/cc85a892-1567-45f2-b5b4-a9e54246d4c3

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/8df3986c1c1391c6e7e765c2ceca28e0d4286a2edf54119d352b38d35ec2f583

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/8df3986c1c1391c6e7e765c2ceca28e0d4286a2edf54119d352b38d35ec2f583/

ReversingLabs TitaniumCloud Document-HTML.Trojan.Egairtigado

Threat name:

Document-HTML.Trojan.Egairtigado

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-07-09 08:50:36 UTC

File Type:

Text (Shell)

AV detection:

13 of 38 (34.21%)

Threat level:

  5/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=rxzzq3a4coi4nz7hmxbm5sri4dkcq2ro35kbdhjvfm4ngxwc6wbq._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/250709-krvmnawp12/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/8df3986c1c1391c6e7e765c2ceca28e0d4286a2edf54119d352b38d35ec2f583