MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 22f2a672f252b885ec3b6898323fcce8297e0425d8480bcd71f4b3863f759f3d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


NetSupport


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 22f2a672f252b885ec3b6898323fcce8297e0425d8480bcd71f4b3863f759f3d
SHA3-384 hash: 56e0b9c057ac8f61a59a95d6e86b28b2e69ec4769bc169ec57ba52512de8e3be207c507e5e609d87467440b181bba359
SHA1 hash: fe1feaac45cc6935a29b2f377f6b90cfe30af56f
MD5 hash: 702bde3e859d35ae51bf06c70e34ed56
humanhash: network-autumn-cardinal-hamper
File name:vpv.html
Download: download sample
Signature NetSupport
Create hunting rule
File size:17'619 bytes
First seen:2025-12-23 07:46:12 UTC
Last seen:Never
File type: html
MIME type:text/html
ssdeep 384:8zLkP3Sbc9mYG+YIPsnF/jUk4iIiwiyiiiMk4i+k4i8k4ihhbk4i/k4iFi7k4iK7:83A3SbMhRsnhjUkVlNbLMkV+kV8kVPb0
TLSH T1C2829619A61100169537C3A8AB739B8EF7724007834286693FEC52935FB6C95ADB3EDC
Magika html
Reporter JAMESWT_WT
Tags:185-39-19-95 77-90-60-32 accountspagemain-com booking html NetSupport rentalsmcx-com

Intelligence

File Origin
# of uploads :
1
# of downloads :
42
Origin country :
IT IT
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Score:
92.5%
Link:
https://cyber-fortress.com/docs/result/index.php?id=694a48c91f45795757239cf1
Tags:
virus click sage
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
aidetect base64 clickfix phishing powershell powershell
Link:
https://www.filescan.io/uploads/694a48c93f8fdbf8e94fab00/reports/f2bdf04d-a06f-445c-add1-1da3aef7b5a7/overview
Verdict:
Malicious
Labled as:
HTML/FakeCaptcha.BA trojan
Link:
https://www.hybrid-analysis.com/sample/22f2a672f252b885ec3b6898323fcce8297e0425d8480bcd71f4b3863f759f3d
Verdict:
Malicious
File Type:
html
First seen:
2025-12-21T10:01:00Z UTC
Last seen:
2025-12-24T04:01:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/22f2a672f252b885ec3b6898323fcce8297e0425d8480bcd71f4b3863f759f3d/results?tab=lookup
Score:
4%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/22f2a672f252b885ec3b6898323fcce8297e0425d8480bcd71f4b3863f759f3d
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/22f2a672f252b885ec3b6898323fcce8297e0425d8480bcd71f4b3863f759f3d/
Threat name:
Document-HTML.Trojan.ClickFix
Create hunting rule
Status:
Malicious
First seen:
2025-12-23 07:44:31 UTC
File Type:
Text (HTML)
Extracted files:
4
AV detection:
6 of 24 (25.00%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=elzkm4xskk4il3b3ncmdep6m5aux4bbf3beaxtlr6szymp3vt46q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.16
Link:
https://yomi.yoroi.company/submissions/22f2a672f252b885ec3b6898323fcce8297e0425d8480bcd71f4b3863f759f3d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments