MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 48923119c63b4c0457f5586c2cf2de84d0843f35ada91132f2f3103a60157e89. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: 48923119c63b4c0457f5586c2cf2de84d0843f35ada91132f2f3103a60157e89
SHA3-384 hash: 9dd173d627a6ffa07c9b58c62f6b4c76cce818660aa0e2f74781dc4948ad68ff35bd71d258300f4aef7f45df5f7d2cb4
SHA1 hash: 02f8e57581ab28a6c545ad608d52d601d49c1ee8
MD5 hash: 639c3673a1784b8706362bcc80315d91
humanhash: five-batman-lima-oven
File name: mq.xml
File size: 675 bytes
First seen: 2025-01-18 12:56:08 UTC
Last seen: Never
File type:
MIME type: text/xml
ssdeep 12:TMHdxXzKF8id/rXAC7ikxGWi2jX0KzUmBjcmESmikmnv:2dxXzKF8kz/8Wi2jk+EskW
TLSH T149012DDCE17CCA9119ADC985B6F4920554A4D0C7A1F46BD5F38D08206F44D493A6224D
Magika xml
Reporter abuse_ch
Tags: xml

Intelligence


File Origin
# of uploads: 1
# of downloads: 85
Origin country: DE
Vendor Threat Intelligence
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: masquerade opendir opendir
Result
Verdict: UNKNOWN
Details
IPv4 Dotted Quad URL
A URL was detected referencing a direct IP address, as opposed to a domain name.
Threat name: Script-JS.Trojan.Heuristic
Status: Malicious
First seen: 2025-01-02 19:47:38 UTC
File Type: Text (XML)
AV detection: 6 of 24 (25.00%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download: 48923119c63b4c0457f5586c2cf2de84d0843f35ada91132f2f3103a60157e89 (this sample)
Delivery method: Distributed via web download
