MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c48c252e93de1a98c786d08919c28ef4bf791e3bdbfef352a405bd3527467949. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	c48c252e93de1a98c786d08919c28ef4bf791e3bdbfef352a405bd3527467949
SHA3-384 hash:	a563e944ef0c4b86f9050c325d21a242a080f58ab04f3809f228cd762d0f5a85c9120226728b10a196436c7e8d845601
SHA1 hash:	de290fc8487e018e554b21681e1e6c2c08a28a8e
MD5 hash:	916787c5f5790108aeaf58f498ae283e
humanhash:	mirror-river-island-leopard
File name:	curl.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	728 bytes
First seen:	2025-07-06 10:54:01 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	12:3J3u6DnwpuYH9auYxF2uYsQeidTCznSiVJwSk7htz0vn:3J37nisFQvdTCr7LwP91gn
TLSH	T10A01DBA85061FE77022CFEA5F571575FB040E5889BAD0794AE23082ECCF9E5232A4656
Magika	txt
Reporter	abuse_ch
Tags:	sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

26

Origin country :

DE

Vendor Threat Intelligence

ClamAV Detected

Detection(s):

SecuriteInfo.com.Linux.Downloader-33.UNOFFICIAL

Alert

Create hunting rule

CyberFortress Malicious

Verdict:

Malicious

Score:

94.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=686a55e0900df8e7f867a139linux22vpnfull_triage

Tags:

trojan agent hype

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/e72ff76b-d963-4cf5-9cd2-58aa0806f11f

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/c48c252e93de1a98c786d08919c28ef4bf791e3bdbfef352a405bd3527467949

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/c48c252e93de1a98c786d08919c28ef4bf791e3bdbfef352a405bd3527467949/

Neiki Document-HTML.Downloader.Heuristic

Verdict:

Malicious

Threat:

Document-HTML.Downloader.Heuristic

Link:

https://tip.neiki.dev/file/c48c252e93de1a98c786d08919c28ef4bf791e3bdbfef352a405bd3527467949

ReversingLabs TitaniumCloud Document-HTML.Trojan.Heuristic

Threat name:

Document-HTML.Trojan.Heuristic

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-07-06 10:54:23 UTC

File Type:

Text (Shell)

AV detection:

10 of 24 (41.67%)

Threat level:

  2/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=ysgcklut3ynjrr4g2certquo6s7xshr33p7pguveaw6tkj2gpfeq._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/250706-mzpgqawpz7/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Legit

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/c48c252e93de1a98c786d08919c28ef4bf791e3bdbfef352a405bd3527467949