MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b
SHA3-384 hash: ef96da9adeffc7ed9597fc92a2150dae6d38b8f12e324adc25632dc1560461c89b7ea51481301f658bf193fea9afd7d2
SHA1 hash: 16e1771248c7cba1d2d1e367f77c50b80a4fff83
MD5 hash: a5888a4533a1d0cddbcbb6e66713ee1e
humanhash: crazy-carolina-four-early
File name:IMAGES____09494000000034004050066070707070.hta
Download: download sample
File size:102'713 bytes
First seen:2025-09-27 10:00:36 UTC
Last seen:2025-09-28 08:10:17 UTC
File type:HTML Application (hta) hta
MIME type:text/html
ssdeep 6:q43taxtWKe6mzyazVmykksmFWZT32g+V1X64mEF29chLYOokMw5MWXfGu:Tgx0KwNsLvl29DrF2ILqkMx8Gu
TLSH T1B7A320326D165D69807125F584FDAC5861DF4100724E1B31355D1447BB49E174C8298F
Magika html
Reporter abuse_ch
Tags:hta

Intelligence

File Origin
# of uploads :
2
# of downloads :
44
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=68d7b5ff91dd51f6514f245c
Tags:
n/a
Result
Verdict:
Clean
File Type:
HTA File
Link:
https://app.docguard.net/395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b/results/dashboard
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b
Verdict:
Clean
File Type:
hta
Link:
https://opentip.kaspersky.com/395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b/results?tab=lookup
Result
Threat name:
n/a
Detection:
clean
Classification:
n/a
Score:
1 / 100
Link:
https://www.joesandbox.com/analysis/1785143
Behaviour
Behavior Graph:
n/a
Score:
2%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b
Verdict:
inconclusive
YARA:
2 match(es)
Tags:
Html
Link:
https://app.malva.re/file/a5888a4533a1d0cddbcbb6e66713ee1e
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b/
Verdict:
Clean
Link:
https://tip.neiki.dev/file/395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b
Threat name:
Text.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-09-27 10:04:30 UTC
File Type:
Text (HTML)
AV detection:
3 of 24 (12.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=hfoyrvbsobzsitlr4u3y7z6toqtcroz4km3yojwco3g3zucxj45q._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
discovery
Link:
https://tria.ge/reports/250927-l2rjesam51/
Behaviour
System Location Discovery: System Language Discovery
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

HTML Application (hta) hta 395d88d4327073244d71e5378fe7d3742628bb3c53378726c276cdbcd0574f3b

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3631210/
  
Delivery method
Distributed via web download

Comments