MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d0d85fd16b8f40e32fe410bd667b1e9bad0f9f9f5781fd9e7cf421b2ca8b72ef. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

SHA256 hash:	d0d85fd16b8f40e32fe410bd667b1e9bad0f9f9f5781fd9e7cf421b2ca8b72ef
SHA3-384 hash:	6678820f62dd977a33ffa958daede6ccbe1129d3fb0120f1f8a03ec6c8084797f4348321597ed6b9ffb9804d8564fcd8
SHA1 hash:	5c3e35df552a63b44b234f95b1b982653dc921f4
MD5 hash:	c928efd2713ea04655a62d258e622954
humanhash:	september-zebra-blossom-sink
File name:	curl.sh
Download:	download sample
Signature	Mirai Alert Create hunting rule
File size:	979 bytes
First seen:	2025-06-29 22:38:30 UTC
Last seen:	Never
File type:	sh
MIME type:	text/plain
ssdeep	24:3J3haBlaB2aBYGNINQaBMK4aBpaBAaBdfaBwGaBFiaB1aBrf:LaBlaB2aBfaBMbaBpaBAaBdfaBwGaBFO
TLSH	T1B111E6DE0259390723359E11B8296A09F8AFC0D4B8F48110F4EDC6B3EEB903C44B0F9A
Magika	txt
Reporter	abuse_ch
Tags:	sh

Intelligence

---

File Origin

# of uploads :

1

# of downloads :

79

Origin country :

DE

Vendor Threat Intelligence

ClamAV Detected

Detection(s):

Sanesecurity.Malware.32158.LX.BOT.UNOFFICIAL

Alert

Create hunting rule

SecuriteInfo.com.Linux.Downloader-33.UNOFFICIAL

Alert

Create hunting rule

CyberFortress Clean

Verdict:

Clean

Score:

99.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=6861c2ad37c34367794768bc

Tags:

n/a

Kunai Sandbox

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/f98fa678-9f16-41b8-8bcc-a2f84988885d

Behavior Graph:

Download SVG

Nucleon Malprob Malware

Score:

100%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/d0d85fd16b8f40e32fe410bd667b1e9bad0f9f9f5781fd9e7cf421b2ca8b72ef

CERT.PL MWDB

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/d0d85fd16b8f40e32fe410bd667b1e9bad0f9f9f5781fd9e7cf421b2ca8b72ef/

ReversingLabs TitaniumCloud Document-HTML.Downloader.Heuristic

Threat name:

Document-HTML.Downloader.Heuristic

Alert

Create hunting rule

Status:

Malicious

First seen:

2025-06-29 22:41:24 UTC

File Type:

Text

AV detection:

9 of 24 (37.50%)

Threat level:

  2/5

Spamhaus Hash Blocklist Suspicious file

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=2dmf7ullr5aogl7ecc6wm6y6towq7h47k6a73ht46qq3fsulolxq._file

Hatching Triage Unknown

Result

Malware family:

n/a

Score:

  3/10

Tags:

n/a

Link:

https://tria.ge/reports/250629-2lsdsaszc1/

Behaviour

Modifies registry class

Suspicious use of SetWindowsHookEx

Enumerates physical storage devices

VirusTotal

Please note that we are no longer able to provide a coverage score for Virus Total.

YOROI YOMI Malicious File

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/d0d85fd16b8f40e32fe410bd667b1e9bad0f9f9f5781fd9e7cf421b2ca8b72ef