MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c0dfdacb0cd75b71c9ad81cb6cb9228798e8788910cc9f98a1e524824fc3f288. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	c0dfdacb0cd75b71c9ad81cb6cb9228798e8788910cc9f98a1e524824fc3f288
SHA3-384 hash:	f27db0b6668335f03d782ad921052032c78457e1bdfb286e2b3acb86219c0db6778a5161127ced05873e6802ab2839bf
SHA1 hash:	2acffbfe4fe4a874c9026c1acb52427c73f51648
MD5 hash:	763563fc4063ddf07c9857e9322d6d78
humanhash:	zulu-hot-harry-berlin
File name:	wget.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	1'965 bytes
First seen:	2025-09-14 12:23:25 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	48:etpm6CpRbLp4IwpmqpqppdR+p1n4pDBWkpm6vpEU1peyapZNRvpEQ:etpm6CpRbLp4Iwpmqpqppz+p1n4pDBt2
TLSH	T1B941F1E625DA628DDA8F0C2D50453EF9158FF64A3B1F4D68C28A207B78C6D016058DCB
Magika	txt
Reporter	abuse_ch
Tags:	sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

35

Origin country :

DE

Vendor Threat Intelligence

FileScan.IO Likely Malicious

Verdict:

Likely Malicious

Threat level:

  7.5/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/68c6b9a17328794829299c15/reports/8ffb66bb-23e8-42f2-8243-fdc80aac75dd/overview

Kaspersky OpenTIP Malicious

Verdict:

Malicious

File Type:

ps1

First seen:

2025-08-20T21:22:00Z UTC

Last seen:

2025-08-20T21:22:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/c0dfdacb0cd75b71c9ad81cb6cb9228798e8788910cc9f98a1e524824fc3f288/results?tab=lookup

Kunai Sandbox

Status:

Failed

Link:

https://sandbox.kunai.rocks/analysis/d00a8e0c-3577-479b-a1f6-41e8cf9c6715

Nucleon Malprob Malware

Score:

92%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/c0dfdacb0cd75b71c9ad81cb6cb9228798e8788910cc9f98a1e524824fc3f288

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/c0dfdacb0cd75b71c9ad81cb6cb9228798e8788910cc9f98a1e524824fc3f288/

ReversingLabs TitaniumCloud Document-HTML.Downloader.Heuristic

Threat name:

Document-HTML.Downloader.Heuristic

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-09-14 13:03:34 UTC

File Type:

Text

AV detection:

13 of 24 (54.17%)

Threat level:

  2/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=ydp5vsym25nxdsnnqhfwzojcq6moq6ejcdgj7gfb4usiet6d6kea._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/250914-p1sxmsaj3x/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/c0dfdacb0cd75b71c9ad81cb6cb9228798e8788910cc9f98a1e524824fc3f288