MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2618a067e976f35f65aee95fecc9a8f52abea2fffd01e001f9865850435694cf. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


BeaverTail


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 2618a067e976f35f65aee95fecc9a8f52abea2fffd01e001f9865850435694cf
SHA3-384 hash: 68c5a9935fe21cba4491a278417218043ed8239f1d55fde2549b58aa0968287fbba26ace7f6d51d2bc870f161ab30c42
SHA1 hash: 2663f96850c634673d982cf8bd26f80cc616f51a
MD5 hash: c0164d2eb0494a4879f67f3b90ed3ae3
humanhash: skylark-angel-steak-echo
File name:setupTests.js
Download: download sample
Signature BeaverTail
Create hunting rule
File size:7'246 bytes
First seen:2023-12-22 08:23:32 UTC
Last seen:Never
File type:Java Script (JS) js
MIME type:text/plain
ssdeep 192:SnouyrVfC9Cn16BPItml1Hgppm+pPgPO9PlE3ZGLIhKtX2xbMu2hZWglsovh0G8O:SnoZCmKPWml1ATAolE0LhgCmG8uKy
TLSH T1C2E10BA2B3B3D256039400D9E4395A51D56959487C6A40E2FA3F8F433D471EE38B7FB8
Reporter smica83
Tags:BeaverTail js Lazarus

Intelligence

File Origin
# of uploads :
1
# of downloads :
155
Origin country :
HU HU
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Other.Malware-gen.7871.8966.UNOFFICIAL
Create hunting rule

Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
masquerade
Link:
https://www.filescan.io/uploads/658547a6f4b6e5e163547467/reports/0b40adea-9576-4827-994a-245b130faa02/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/2618a067e976f35f65aee95fecc9a8f52abea2fffd01e001f9865850435694cf
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1366299
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/2618a067e976f35f65aee95fecc9a8f52abea2fffd01e001f9865850435694cf/
Threat name:
Script-JS.Trojan.Beavertail
Create hunting rule
Status:
Malicious
First seen:
2023-09-27 12:45:11 UTC
File Type:
Text (JavaScript)
AV detection:
14 of 37 (37.84%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=eymkaz7jo3zv6zno5fp6zsni6uvl5ix77ua6aapzqzmfaq2wsthq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/2618a067e976f35f65aee95fecc9a8f52abea2fffd01e001f9865850435694cf

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Link
https://unit42.paloaltonetworks.com/two-campaigns-by-north-korea-bad-actors-target-job-hunters/

Comments