MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 42a7b0648903a5042b9e5b43e465e0b6a7ca2a0d09050d8053d5a19507ee29b3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 42a7b0648903a5042b9e5b43e465e0b6a7ca2a0d09050d8053d5a19507ee29b3
SHA3-384 hash: 3bb701bbcec0407cd153dad1e0269f5209346f23de9a393155d52b36c297cf3506fa33041350e1f12663809ce8c337d3
SHA1 hash: c5bf1c799d7cc0b941c00ac2338c79aeaef0bba2
MD5 hash: 4c22523996fddc145721cc03e293a01d
humanhash: bravo-lion-snake-september
File name:Capcha.html
Download: download sample
File size:9'127 bytes
First seen:2024-12-18 07:35:02 UTC
Last seen:Never
File type: html
MIME type:text/html
ssdeep 96:SIanUzJOG0Fkwj6BDwpnUzJOG0FkYLd9YLdtUzJOG0FkYLdLr60bVWMemtiR2BcB:SIIUzET6BDQUzEQUzELr6YW72+c/XKLn
TLSH T14C12C85BB78803314EF1537E141C4BBAEB13A83C96B48F51988DE07A3622919763F5DE
TrID 80.6% (.HTM/HTML) HyperText Markup Language with DOCTYPE (12501/2/4)
19.3% (.HTML) HyperText Markup Language (3000/1/1)
Magika html
Reporter JAMESWT_WT
Tags:92-255-57-155 booking html

Intelligence

File Origin
# of uploads :
1
# of downloads :
125
Origin country :
IT IT
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.JS.Obfus-2486.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
94.1%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67627c6e8fb73f13afd15255
Tags:
virus sage remo
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
powershell
Link:
https://www.filescan.io/uploads/67627b2c41118fded02dfd6c/reports/500a18c2-6813-4b22-a63c-b1c22b01adf8/overview
Verdict:
Malicious
Labled as:
BZC.UGZ.Boxter.1.376DE12A;BZC.UGZ.Boxter.1
Link:
https://www.hybrid-analysis.com/sample/42a7b0648903a5042b9e5b43e465e0b6a7ca2a0d09050d8053d5a19507ee29b3
Result
Verdict:
MALICIOUS
Result
Threat name:
n/a
Detection:
malicious
Classification:
phis
Score:
52 / 100
Link:
https://www.joesandbox.com/analysis/1577176
Signature
Detected javascript redirector / loader
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
Score:
1%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/42a7b0648903a5042b9e5b43e465e0b6a7ca2a0d09050d8053d5a19507ee29b3
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/42a7b0648903a5042b9e5b43e465e0b6a7ca2a0d09050d8053d5a19507ee29b3/
Threat name:
Document-HTML.Trojan.Boxter
Create hunting rule
Status:
Malicious
First seen:
2024-12-12 19:43:55 UTC
File Type:
Text (HTML)
Extracted files:
1
AV detection:
7 of 23 (30.43%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ikt3azejaosqik46lnb6izpaw2t4ukqnbecq3act2wqzkb7ofgzq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments