MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289
SHA3-384 hash: b6bd940c53aa6507c135eecb8553bf7931bcc926b98ff7bebab02cb4a66eb25dc891f0860af99dc4a21ce78a79a50d81
SHA1 hash: 18e452d4f29ad95794b5bd8dda7d1733ba451cc8
MD5 hash: 0ad44cf79520a150ccedbb5773f0bab4
humanhash: spaghetti-romeo-ink-mirror
File name:document.hta
Download: download sample
File size:7'372 bytes
First seen:2025-12-30 13:48:48 UTC
Last seen:Never
File type:HTML Application (hta) hta
MIME type:text/html
ssdeep 192:OZBRlIE/CTK/eRBn0llHYoHsfOBro2Tc/OMSmy:O9L/8BwYoHsfO2/W
TLSH T111E1B69AACF72419B417506DCBBFA2183069A057474ACD9CFDCC75ACDF0C2A49622FD8
TrID 80.6% (.HTM/HTML) HyperText Markup Language with DOCTYPE (12501/2/4)
19.3% (.HTML) HyperText Markup Language (3000/1/1)
Magika html
Reporter abuse_ch
Tags:hta

Intelligence

File Origin
# of uploads :
1
# of downloads :
52
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Clean
Score:
82.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6953d8587468b4bd1c8ee5dd
Tags:
n/a
Result
Verdict:
Malicious
File Type:
HTA File - Malicious
Link:
https://app.docguard.net/02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289/results/dashboard
Payload URLs
URL
File name
https://yfdnza.com/?dn=life-captcha.com&pid=9PO755G95
HTA File
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6953d853890121539b2c85b0/reports/588a64a3-b330-4594-a009-d0be8d1997d7/overview
Verdict:
Malicious
Labled as:
HTML/ScrInject.B trojan
Link:
https://www.hybrid-analysis.com/sample/02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289
Verdict:
Clean
File Type:
html
First seen:
2025-12-30T16:27:00Z UTC
Last seen:
2025-12-30T16:32:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289/results?tab=lookup
Result
Threat name:
n/a
Detection:
malicious
Classification:
spyw
Score:
52 / 100
Link:
https://www.joesandbox.com/analysis/1842071
Signature
Multi AV Scanner detection for submitted file
Opens network shares
Behaviour
Behavior Graph:
Download SVG
Score:
14%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289
Verdict:
inconclusive
YARA:
2 match(es)
Tags:
Html
Link:
https://app.malva.re/file/0ad44cf79520a150ccedbb5773f0bab4
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289/
Verdict:
Malicious
Link:
https://tip.neiki.dev/file/02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289
Threat name:
Document-HTML.Trojan.Redirector
Create hunting rule
Status:
Malicious
First seen:
2025-12-30 13:49:11 UTC
File Type:
Text (HTML)
Extracted files:
5
AV detection:
5 of 23 (21.74%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=akvuidbmk5rstniq5tybocirbjxp3whiqc5vbljlzwibdkwkakeq._file
Gathering data
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

HTML Application (hta) hta 02ab440c2c576329b510ecf01709110a6efdd8e880bb50ad2bcd9011aaca0289

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3512331/
  
Delivery method
Distributed via web download

Comments