5fa825564b4ede126005a88ba9efbb54
Hash
- MD5: 5fa825564b4ede126005a88ba9efbb54
- SHA1: 2e763321936858b8a566eaadcaf5a7ce064bbad0
- SHA256: 2a10ffe0367bb1b26ba2c3bc600892c21074725c0b8c9dc9161e6ceb33915460
- First Seen: 2026-05-27
- Last Seen: 2026-05-27
-
1
Related Reports
-
0
Related IOCs
Additional Information
MalwareBazaar
{
"query_status": "ok",
"data": [
{
"sha256_hash": "2a10ffe0367bb1b26ba2c3bc600892c21074725c0b8c9dc9161e6ceb33915460",
"sha3_384_hash": "2fc7e6803a1445e8364317a64d49c455872f4f2f8e47bc636fd3a26861536d8e33e8b16a3e7921560dc641246b6d9c0e",
"sha1_hash": "2e763321936858b8a566eaadcaf5a7ce064bbad0",
"md5_hash": "5fa825564b4ede126005a88ba9efbb54",
"first_seen": "2026-04-07 23:12:52",
"last_seen": null,
"file_name": "install.sh",
"file_size": 463,
"file_type_mime": "text/plain",
"file_type": "sh",
"file_format": null,
"file_arch": null,
"reporter": "johnk3r",
"origin_country": "CH",
"anonymous": 0,
"signature": null,
"imphash": null,
"tlsh": "T176F0DC841EBC96F603C6A824363011DC606E35BE3EC7370170C224EAB27B8009F67B36",
"telfhash": null,
"gimphash": null,
"ssdeep": "12:JMxwKuMPazNpDmvOKu3WDHFUpOKu3W3RIZOKuzXIQOKuT:u2rEMWOr3WjkOr3W3RIZOrzDOrT",
"magika": "shell",
"dhash_icon": null,
"trid": null,
"comment": null,
"archive_pw": null,
"tags": [
"89-36-224-5",
"sh"
],
"code_sign": null,
"delivery_method": null,
"intelligence": {
"clamav": null,
"downloads": "45",
"uploads": "1",
"mail": null
},
"file_information": null,
"ole_information": [],
"yara_rules": null,
"vendor_intel": {
"CERT-PL_MWDB": {
"detection": null,
"link": "https://mwdb.cert.pl/sample/2a10ffe0367bb1b26ba2c3bc600892c21074725c0b8c9dc9161e6ceb33915460/"
},
"YOROI_YOMI": {
"detection": "Legit File",
"score": "0.00"
},
"Triage": {
"malware_family": null,
"score": "3",
"link": "https://tria.ge/reports/260407-27k7ladw2p/",
"tags": [],
"signatures": [
{
"signature": "Enumerates physical storage devices",
"score": "3"
},
{
"signature": "Modifies registry class",
"score": null
},
{
"signature": "Suspicious use of SetWindowsHookEx",
"score": null
}
],
"malware_config": []
},
"ReversingLabs": {
"threat_name": null,
"status": "KNOWN",
"first_seen": "2026-04-07 23:13:22",
"scanner_count": "24",
"scanner_match": "0",
"scanner_percent": "0.00"
},
"Spamhaus_HBL": [
{
"detection": "suspicious",
"link": "https://www.spamhaus.org/hbl/"
}
],
"FileScan-IO": {
"verdict": "SUSPICIOUS",
"threatlevel": "0.5",
"confidence": "1.0",
"report_link": "https://www.filescan.io/uploads/69d58f922346b9da57c69280/reports/d26033d2-87f7-495d-aca2-aaa1f0d52eea/overview"
},
"Kaspersky": {
"verdict": "NoThreats",
"file_type": "unix shell",
"first_seen": "",
"last_seen": "",
"hitscount": 0,
"report_link": "https://opentip.kaspersky.com/2a10ffe0367bb1b26ba2c3bc600892c21074725c0b8c9dc9161e6ceb33915460/results?tab=lookup",
"detections": []
}
},
"comments": null
}
]
}