MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 42d34a7da8744c9c543dfa15f559eecd7ca6208cd9ce657363ae4de3fef1098c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Braodo


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 42d34a7da8744c9c543dfa15f559eecd7ca6208cd9ce657363ae4de3fef1098c
SHA3-384 hash: 566d9c3f35404496cabddb78ad27b8b7c691f289781d9ff86c3cc3914891052105564e1cdb072a6b03f559886958633b
SHA1 hash: 83711659cefcbf87d78560f3567f969f6995e0c3
MD5 hash: 4c98c3a83a09a80a540d75a78b1aa591
humanhash: oxygen-arkansas-lemon-utah
File name:ud.js
Download: download sample
Signature Braodo
Create hunting rule
File size:1'351'217 bytes
First seen:2026-03-13 10:05:08 UTC
Last seen:Never
File type:Java Script (JS) js
MIME type:text/plain
ssdeep 24576:uNs2GhZwiNs2GhZwiNs2GhZwiNs2GhZwuNs2GhZwiNs2GhZwiNs2GhZwiNs2GhZ1:u4hj4hj4hj4hz4hj4hj4hj4hz
TLSH T1CD5502968F272FDA6C392A8D04BE6B85C89C5D333C23C4F6DDDA150FC13859A1592E1B
TrID 45.4% (.MP3) MP3 audio (ID3 v1.x tag) (2500/1/1)
36.3% (.TXT) Text - UTF-16 (LE) encoded (2000/1)
18.1% (.MP3) MP3 audio (1000/1)
Magika txt
Reporter JAMESWT_WT
Tags:Braodo github-com--m1-nc js

Intelligence

File Origin
# of uploads :
1
# of downloads :
147
Origin country :
IT IT
Vendor Threat Intelligence
No detections
Detection(s):
Sanesecurity.Malware.BadBatObs.31934.UNOFFICIAL
Create hunting rule

Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69b3e1709872190419bfe504
Tags:
n/a
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
obfuscated repaired
Link:
https://www.filescan.io/uploads/69b3e16a2000fc76c3d9d589/reports/90a8a9ca-4923-4ea7-b9fc-f1ead62ce2ad/overview
Verdict:
Suspicious
Link:
https://www.hybrid-analysis.com/sample/42d34a7da8744c9c543dfa15f559eecd7ca6208cd9ce657363ae4de3fef1098c
Verdict:
Malicious
File Type:
text
Detections:
HEUR:Trojan.BAT.Agent.gen Trojan.PowerShell.Starter.sb
Link:
https://opentip.kaspersky.com/42d34a7da8744c9c543dfa15f559eecd7ca6208cd9ce657363ae4de3fef1098c/results?tab=lookup
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/42d34a7da8744c9c543dfa15f559eecd7ca6208cd9ce657363ae4de3fef1098c/
Verdict:
Malicious
Threat:
Trojan.PowerShell.Starter
Link:
https://tip.neiki.dev/file/42d34a7da8744c9c543dfa15f559eecd7ca6208cd9ce657363ae4de3fef1098c
Threat name:
Text.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2026-02-12 21:05:21 UTC
File Type:
Text (Batch)
AV detection:
4 of 24 (16.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=iljuu7niorgjyvb57ik7kwpozv6kmiem3hhgk43dvzg6h7xrbgga._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
execution
Link:
https://tria.ge/reports/260313-l4rl7se17v/
Behaviour
Command and Scripting Interpreter: JavaScript
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/42d34a7da8744c9c543dfa15f559eecd7ca6208cd9ce657363ae4de3fef1098c

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Braodo

Java Script (JS) js 42d34a7da8744c9c543dfa15f559eecd7ca6208cd9ce657363ae4de3fef1098c

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3795144/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3795145/

Comments