MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a63b46050effa36e92e958c6dda8311d572532dd1da1d02d82fa23b5914a8017. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	a63b46050effa36e92e958c6dda8311d572532dd1da1d02d82fa23b5914a8017
SHA3-384 hash:	71a83845668ae8b5296e8f6c90d5f737b1e52121a7c6eca90655d63a6852779d82d46ba856e7a5a932bc2ff89a3076a8
SHA1 hash:	d33745052c04a08014c40101c50ced310434ca71
MD5 hash:	287da49da975f78d508f567f9b29504a
humanhash:	twelve-romeo-tennis-ohio
File name:	wget.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	834 bytes
First seen:	2025-10-05 06:36:51 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	24:wX+YdfNI7EHK0O+Iw7jj1T5RqlITt38INdln:wX+Yd+EH/TIw7XR5RxR8Ijl
TLSH	T17E01EFEE677161A24A898DE470654864B02E93C273708F3E5DAB14F2D8D67083D36F69
Magika	asm
Reporter	abuse_ch
Tags:	mirai sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

43

Origin country :

DE

Vendor Threat Intelligence

ClamAV Detected

Detection(s):

Sanesecurity.Malware.32160.LX.BOT.UNOFFICIAL

Alert

Create hunting rule

FileScan.IO Malicious

Verdict:

Malicious

Threat level:

  10/10

Confidence:

100%

Tags:

evasive exploit mirai

Link:

https://www.filescan.io/uploads/68e2124a7c75fa33a277c683/reports/5883d199-c529-41a6-9a99-9294a6cbe465/overview

Kaspersky OpenTIP Malicious

Verdict:

Malicious

File Type:

text

First seen:

2025-10-04T18:30:00Z UTC

Last seen:

2025-10-07T00:05:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/a63b46050effa36e92e958c6dda8311d572532dd1da1d02d82fa23b5914a8017/results?tab=lookup

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/3cac8773-95ae-4632-8d18-c97e94f4f79f

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/a63b46050effa36e92e958c6dda8311d572532dd1da1d02d82fa23b5914a8017

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/a63b46050effa36e92e958c6dda8311d572532dd1da1d02d82fa23b5914a8017/

ReversingLabs TitaniumCloud Linux.Trojan.Vigorf

Threat name:

Linux.Trojan.Vigorf

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-10-04 23:26:35 UTC

File Type:

Text (Shell)

AV detection:

19 of 38 (50.00%)

Threat level:

  5/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=uy5umbio76rw5exjlddn3kbrdvlskmw5dwq5almc7ir3lekkqalq._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/251005-hd166s1whx/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/a63b46050effa36e92e958c6dda8311d572532dd1da1d02d82fa23b5914a8017