MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2c10cf76818a0fda800dac1fec0a3b0e91523e5a73ee9458ba1534d3230656d4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 8

Intelligence 8 IOCs YARA File information Comments

SHA256 hash:	2c10cf76818a0fda800dac1fec0a3b0e91523e5a73ee9458ba1534d3230656d4
SHA3-384 hash:	be2e605dc74ecad163951d8ac96d27c0ff06b9022a1c60b61c0e8d6f162b7f180620bd7e504dc961f0cbd1e40b442c92
SHA1 hash:	846bd29235ff32cf5254029fe198e25229e6581b
MD5 hash:	971680a6e8f10304aee20162c0610729
humanhash:	hawaii-victor-winner-violet
File name:	R02-Supply of CuNi Pipe 00634.js
Download:	download sample
File size:	284'742 bytes
First seen:	2026-04-15 07:58:30 UTC
Last seen:	Never
File type:	js
MIME type:	text/plain
ssdeep	6144:ZZzXVGI5wtdLgTUZCVnGLtWy6lQccNMYaE0SyYeBu8zblyESD:ZtVGI5wtdLgTUZCVgtWy6ycc2t2obwR
TLSH	T147540D3CADEA002A7173EE54AED47497E92FB763370E589910C10386472394AFDD963E
TrID	66.6% (.TXT) Text - UTF-16 (LE) encoded (2000/1) 33.3% (.MP3) MP3 audio (1000/1)
Magika	txt
Reporter	abuse_ch
Tags:	js

Intelligence

File Origin

# of uploads :

# of downloads :

115

Origin country :

Vendor Threat Intelligence

No detections

Detection(s):

Sanesecurity.Malware.26700.JsHeur.UNOFFICIAL

Verdict:

Clean

Score:

99.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69df469345787c53e539dfaa

Tags:

n/a

Verdict:

Malicious

Threat level:

10/10

Confidence:

100%

Tags:

divergent repaired

Link:

https://www.filescan.io/uploads/69df46513a506932d7c13551/reports/45f32df4-e568-4347-a56f-c7e7731e728c/overview

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/2c10cf76818a0fda800dac1fec0a3b0e91523e5a73ee9458ba1534d3230656d4

Verdict:

Malicious

File Type:

First seen:

2026-04-14T21:46:00Z UTC

Last seen:

2026-04-17T05:13:00Z UTC

Hits:

~1000

Detections:

HEUR:Trojan-Downloader.Script.Generic

Link:

https://opentip.kaspersky.com/2c10cf76818a0fda800dac1fec0a3b0e91523e5a73ee9458ba1534d3230656d4/results?tab=lookup

Result

Threat name:

n/a

Detection:

malicious

Classification:

n/a

Score:

60 / 100

Link:

https://www.joesandbox.com/analysis/1898501

Signature

Joe Sandbox ML detected suspicious sample

Multi AV Scanner detection for submitted file

Sigma detected: WScript or CScript Dropper

Windows Scripting host queries suspicious COM object (likely to drop second stage)

Behaviour

Behavior Graph:

Download SVG

Score:

99%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/2c10cf76818a0fda800dac1fec0a3b0e91523e5a73ee9458ba1534d3230656d4

Gathering data

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/2c10cf76818a0fda800dac1fec0a3b0e91523e5a73ee9458ba1534d3230656d4/

Verdict:

Malicious

Threat:

Trojan-Downloader.Script

Link:

https://tip.neiki.dev/file/2c10cf76818a0fda800dac1fec0a3b0e91523e5a73ee9458ba1534d3230656d4

Threat name:

Win32.Trojan.Kepavll

Status:

Malicious

First seen:

2026-04-15 04:46:32 UTC

File Type:

Text (JavaScript)

AV detection:

7 of 38 (18.42%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=fqim65ubrih5vaanvqp6ycr3b2iveps2opxjiwf2cu2ngiygk3ka._file

Result

Malware family:

n/a

Score:

3/10

Tags:

execution

Link:

https://tria.ge/reports/260415-jxn7dsct4v/

Behaviour

Command and Scripting Interpreter: JavaScript

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/2c10cf76818a0fda800dac1fec0a3b0e91523e5a73ee9458ba1534d3230656d4

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample