MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2b584a5e7c037e9f47fb2c59d4590979ba01536f4fbed010e917b9f35b5be674. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 10


Intelligence 10 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 2b584a5e7c037e9f47fb2c59d4590979ba01536f4fbed010e917b9f35b5be674
SHA3-384 hash: 19db3278db17e3db823562bfb85b1bf8de50bb570523676d5fd1ab8c20c6cf36287453be4c1e77361108d0422e118a82
SHA1 hash: 3555769e1e3b91323378cd1ac14cf23b53928fcd
MD5 hash: 252e6168a08690c939a6e38203745622
humanhash: wolfram-don-queen-chicken
File name:Request for General Cargo Quotation.js
Download: download sample
File size:315'482 bytes
First seen:2026-04-17 14:11:49 UTC
Last seen:Never
File type:Java Script (JS) js
MIME type:text/plain
ssdeep 6144:HYrihF3kkfX/NOh5VbWB3Il+UYon3uny92elwszoajD7KRbXH:4rihF3hv/NOhbbWB3I4TNo1n1Yb3
TLSH T1EE641138EDEA401AB1B3EF55AED47493E92FBB73370E58581081034A4723949EDD963E
TrID 66.6% (.TXT) Text - UTF-16 (LE) encoded (2000/1)
33.3% (.MP3) MP3 audio (1000/1)
Magika txt
Reporter abuse_ch
Tags:js

Intelligence

File Origin
# of uploads :
1
# of downloads :
99
Origin country :
SE SE
Vendor Threat Intelligence
No detections
Detection(s):
Sanesecurity.Malware.26700.JsHeur.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
95.7%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69e23fb1f68adfe1003ac4df
Tags:
virus
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
encrypted repaired
Link:
https://www.filescan.io/uploads/69e23fd9c33dc5a985da9777/reports/83a08671-f5aa-4aba-8fef-033e1ea8eb0e/overview
Verdict:
Malicious
Labled as:
Trojan.Generic
Link:
https://www.hybrid-analysis.com/sample/2b584a5e7c037e9f47fb2c59d4590979ba01536f4fbed010e917b9f35b5be674
Verdict:
Malicious
File Type:
js
First seen:
2026-04-16T06:18:00Z UTC
Last seen:
2026-04-19T11:51:00Z UTC
Hits:
~100
Detections:
HEUR:Trojan-Downloader.Script.Generic HEUR:Trojan.Script.Generic
Link:
https://opentip.kaspersky.com/2b584a5e7c037e9f47fb2c59d4590979ba01536f4fbed010e917b9f35b5be674/results?tab=lookup
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
60 / 100
Link:
https://www.joesandbox.com/analysis/1900190
Signature
Joe Sandbox ML detected suspicious sample
Multi AV Scanner detection for submitted file
Sigma detected: WScript or CScript Dropper
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Behaviour
Behavior Graph:
Download SVG
Score:
99%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/2b584a5e7c037e9f47fb2c59d4590979ba01536f4fbed010e917b9f35b5be674
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/2b584a5e7c037e9f47fb2c59d4590979ba01536f4fbed010e917b9f35b5be674/
Verdict:
Malicious
Threat:
Trojan.Script
Link:
https://tip.neiki.dev/file/2b584a5e7c037e9f47fb2c59d4590979ba01536f4fbed010e917b9f35b5be674
Threat name:
Script-JS.Trojan.Redirector
Create hunting rule
Status:
Malicious
First seen:
2026-04-16 12:09:24 UTC
File Type:
Text (JavaScript)
AV detection:
7 of 36 (19.44%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=fnmeuxt4an7j6r73frm5iwijpg5acu3pj67naehjc647gw234z2a._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
execution
Link:
https://tria.ge/reports/260417-rh63nabx5t/
Behaviour
Command and Scripting Interpreter: JavaScript
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/2b584a5e7c037e9f47fb2c59d4590979ba01536f4fbed010e917b9f35b5be674

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments