MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1ca1116a6f285f91959c4c7f46620be1086bec0a8da5444839b300eae8391120. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	1ca1116a6f285f91959c4c7f46620be1086bec0a8da5444839b300eae8391120
SHA3-384 hash:	22dcb14ece04426b32fd397ced7c4de46ce0e907bf032ae1b25d9813b2376e7f099d6c54cf28ff6c0fcd0d9a6670b58d
SHA1 hash:	33e1054121a3f9465ae886f86119b8685a1483a8
MD5 hash:	58194c4730c79d9dc629201ecb54f350
humanhash:	freddie-white-october-magnesium
File name:	DOCS_3311455193797305500178421_239465.zip
Download:	download sample
File size:	6'220 bytes
First seen:	2025-12-10 18:28:53 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	192:9vi9Z5I0SFV28FajamNvdlYvPgn4fMBLqc:ZQByV2UajnFEYiM9d
TLSH	T1D2D16CE11FC407C9C86F2346681BBA310EF5C248C9692E1D3269B6687F6EBF621C119D
Magika	zip
Reporter	Anonymous
Tags:	zip

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

File Archive Information

This file archive contains 2 file(s), sorted by their relevance:

File name:	00178421_239465.vbs
File size:	709 bytes
SHA256 hash:	d42d171f0f71e29858f53ba0a9af3e701d81951d42b19faac4bacee9b193dac7
MD5 hash:	1b05c72dc0b51beb2291bb8c047e3bda
MIME type:	text/plain

File name:	00178421_239465.mp3
File size:	6'380 bytes
SHA256 hash:	c46db001bd7ce82493279acee3fc1cdfbb43bc2f45210a34970dadac359167f8
MD5 hash:	dbdd2a5c1253e1cade9d79b098951fe6
MIME type:	audio/mpeg

Vendor Threat Intelligence

Details

Link:

https://research.acce.ciphertechsolutions.com/results/8dc251b6-44c1-487c-a24c-36fd9c97f7f8/

Detection(s):

Sanesecurity.Foxhole.JS_Zip_1v.UNOFFICIAL

SecuriteInfo.com.PUA.VBS-in-ZIP.UNOFFICIAL

Verdict:

Clean

Score:

99.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=6939bbf7a675b653bd0fceca

Tags:

n/a

Verdict:

Malicious

Threat level:

10/10

Confidence:

100%

Tags:

obfuscated

Link:

https://www.filescan.io/uploads/6939bbf5900ee247e8416d8c/reports/5c4e31e2-3946-4bcd-9056-9d7bde0814a5/overview

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/1ca1116a6f285f91959c4c7f46620be1086bec0a8da5444839b300eae8391120

Result

Verdict:

UNKNOWN

Link:

https://labs.inquest.net/dfi/sha256/1ca1116a6f285f91959c4c7f46620be1086bec0a8da5444839b300eae8391120

Verdict:

Malicious

File Type:

zip

First seen:

2025-12-11T04:46:00Z UTC

Last seen:

2025-12-11T05:13:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/1ca1116a6f285f91959c4c7f46620be1086bec0a8da5444839b300eae8391120/results?tab=lookup

Verdict:

Malware

YARA:

2 match(es)

Tags:

Zip Archive

Link:

https://app.malva.re/file/58194c4730c79d9dc629201ecb54f350

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/1ca1116a6f285f91959c4c7f46620be1086bec0a8da5444839b300eae8391120/

Threat name:

Win32.Trojan.Generic

Status:

Suspicious

First seen:

2025-12-10 18:23:35 UTC

File Type:

Binary (Archive)

Extracted files:

AV detection:

7 of 24 (29.17%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=dsqrc2tpfbpzdfm4jr7umyql4eegx3akrwsuisbzwmaov2bzceqa._file

Result

Malware family:

n/a

Score:

8/10

Tags:

n/a

Link:

https://tria.ge/reports/251210-xl1yps1jdp/

Behaviour

Badlisted process makes network request

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/1ca1116a6f285f91959c4c7f46620be1086bec0a8da5444839b300eae8391120

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample