diff --git a/analyzers/Virusshare/getHashes.sh b/analyzers/Virusshare/getHashes.sh
new file mode 100644
index 000000000..5edd4062a
--- /dev/null
+++ b/analyzers/Virusshare/getHashes.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+# This script downloads all available Virusshare.com hash files using curl and wget. It can be called as: ./getHashes.sh PATH
+
+
+display_usage() {
+ echo "getHashes v0.1"
+ echo " Fetch all Virusshare.com hashes"
+ echo -e "\n Usage: $0 \n"
+}
+
+if [ $# -ne 1 ]; then
+ display_usage
+ exit 1
+fi
+
+if [ ! -d $1 ]; then
+ display_usage
+ echo -e " Error: Directory not found: '$1'\n\n :'(\n\n"
+ exit 1
+
+fi
+
+cd $1
+for u in `curl https://virusshare.com/hashes.4n6|grep hashes/|cut -d\" -f2`
+do
+ echo $u
+ wget https://virusshare.com/$u
+done | tee -a ../$0.log
+cd ..
diff --git a/analyzers/Virusshare/virusshare.py b/analyzers/Virusshare/virusshare.py
index abc23313b..44ec02cab 100755
--- a/analyzers/Virusshare/virusshare.py
+++ b/analyzers/Virusshare/virusshare.py
@@ -28,7 +28,7 @@ def summary(self, raw):
 value = "\"Unknown\""
 if raw["isonvs"]:
- if raw["isonvs"] == "Unknown":
+ if raw["isonvs"] == "unknown":
 value = "\"Not MD5\""
 level = "suspicious"
 else:
@@ -67,7 +67,7 @@ def run(self):
 # Skipping comments
 if line[0] == '#':
 continue
- if line.strip('\n') == searchhash:
+ if searchhash.lower() in line:
 self.report({'isonvs': True, 'md5': searchhash})
 self.report({'isonvs': False,
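Review bot: `$u` in the for loop is taken straight from the downloaded page and used unquoted as both the request URL and, through wget, the local filename, with nothing restricting it to the expected `hashes/...` entry; `$1` is likewise unquoted in `[ ! -d $1 ]` and `cd $1`, and a failed `cd` still runs every download in the current directory. A `while read` loop with a shape check on each entry, `cd "$1" || exit 1`, and quoting throughout address both, as sketched below (tighten the filename pattern to whatever virusshare.com actually serves). `../$0.log` also embeds the invocation path (`.././/getHashes.sh.log` when run as `./getHashes.sh`), so derive the log name with `basename "$0"`. The trailing `cd ..` only returns to the start directory when `$1` is a single relative component; `cd "$OLDPWD"` or a subshell is safer, and the usage line should name the argument, `echo -e "\n Usage: $0 PATH\n"`, as the header comment already does.
```shell
cd "$1" || exit 1
curl -fsSL https://virusshare.com/hashes.4n6 | grep hashes/ | cut -d\" -f2 |
while IFS= read -r u; do
    # $u is remote-controlled: accept only a plain "hashes/<name>" entry before it becomes a URL and a filename
    [[ "$u" =~ ^hashes/[A-Za-z0-9._-]+$ ]] || { echo "skipping unexpected entry: $u"; continue; }
    echo "$u"
    wget "https://virusshare.com/$u"
done | tee -a "../$(basename "$0").log"
cd "$OLDPWD"
```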
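Review bot: The compare on the added line, `raw["isonvs"] == "unknown"`, fixes a case mismatch with whatever `run` reports, but nothing in this hunk shows where that string is produced, so the same drift can recur the next time either side is edited. A module-level constant shared by `run` and `summary` (for example `ISONVS_NOT_MD5 = "unknown"`), or a case-insensitive compare `str(raw["isonvs"]).lower() == "unknown"`, would make the contract explicit. Note also that the `if raw["isonvs"]:` guard admits any truthy value, so a `True` hit and the `"unknown"` marker enter the same branch and only the inner compare tells them apart; a one-line comment such as `# isonvs is True (hit), False (miss) or "unknown" (input was not an MD5)` would help, if that is indeed the set of values run emits. `summary` begins and ends outside this hunk.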