MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 96be545ce342f0eb9039c6a8b9f3da65a892431a89dfd0556fa2d7e17d4c4f41. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	96be545ce342f0eb9039c6a8b9f3da65a892431a89dfd0556fa2d7e17d4c4f41
SHA3-384 hash:	5dc64aee5beeffc8d68f5d2d084dd9771909b61eede4cbcf57a90151bd7b63563e678f7cfba2fd27cbdd9839f70993eb
SHA1 hash:	3ffcb388fe7aaaa56b8e432e2cddfd3a289bbc45
MD5 hash:	fe9055450816f06c43da6ecc4b99c88c
humanhash:	nevada-delta-pizza-shade
File name:	w.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	678 bytes
First seen:	2025-08-01 12:40:00 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	12:7SSPA0SeapFE0SyTA0SXK9H0SwKA0Szl0Sdqn0SgFmP0Smjq0SYecAUR:71RjaBpkK9UCR4+N0WsNfRR
TLSH	T1030162CF1A6772D28A8C6D94326BC850F646D3C4B0BB17CAEA844C7592D4611F0D8FB6
Magika	txt
Reporter	abuse_ch
Tags:	sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

32

Origin country :

DE

Vendor Threat Intelligence

FileScan.IO Malicious

Verdict:

Malicious

Threat level:

  10/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/688cb5d332e61090868a2d98/reports/50c8f935-fef3-4e59-bd9f-0e0f563adb17/overview

Kunai Sandbox

Status:

Failed

Link:

https://sandbox.kunai.rocks/analysis/66c9ac24-a1f9-4cf6-8c72-0715f8890156

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/96be545ce342f0eb9039c6a8b9f3da65a892431a89dfd0556fa2d7e17d4c4f41

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/96be545ce342f0eb9039c6a8b9f3da65a892431a89dfd0556fa2d7e17d4c4f41/

Neiki HEUR:Trojan-Downloader.Shell.Agent

Verdict:

Malicious

Threat:

HEUR:Trojan-Downloader.Shell.Agent

Link:

https://tip.neiki.dev/file/96be545ce342f0eb9039c6a8b9f3da65a892431a89dfd0556fa2d7e17d4c4f41

ReversingLabs TitaniumCloud Document-HTML.Downloader.Heuristic

Threat name:

Document-HTML.Downloader.Heuristic

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-08-01 12:30:53 UTC

File Type:

Text (Shell)

AV detection:

7 of 38 (18.42%)

Threat level:

  2/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=s27fixhdilyoxebzy2ult462mwujeqy2rhp5avlpull6c7kmj5aq._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/250801-pwjheazqw6/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/96be545ce342f0eb9039c6a8b9f3da65a892431a89dfd0556fa2d7e17d4c4f41