MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4b57ff1fb792e2c017d725f7152985613d1ff34613d518a0368d9add945b66e7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 4b57ff1fb792e2c017d725f7152985613d1ff34613d518a0368d9add945b66e7
SHA3-384 hash: fb61ad39c073e1f74027282e421364c8be97def3c62f7380b9012e7180fff77ade8fe32d578d050c2729db13d53dee82
SHA1 hash: 99384708e06264322957ab5700e257795a79db2f
MD5 hash: d4daece32268202e4c958a1262f35877
humanhash: xray-skylark-utah-potato
File name:ccv.js
Download: download sample
File size:294 bytes
First seen:2026-04-09 05:56:33 UTC
Last seen:Never
File type:Java Script (JS) js
MIME type:text/plain
ssdeep 6:hFqrTFILwCfLKzd+2iN7yeQjMtIBuyN5L2fPSAqoUF045:rqrGEGKAHNJQAtIYynL2fPSAnUFX5
TLSH T11BE02B055B24D1C0A8A5E7D35568919581FC41937C15E1FBFE818BCB1EAFAB443C4C8F
Magika javascript
Reporter abuse_ch
Tags:js

Intelligence

File Origin
# of uploads :
1
# of downloads :
105
Origin country :
SE SE
Vendor Threat Intelligence
No detections
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69d73fc56a61012f6ad04375
Tags:
n/a
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
evasive opendir persistence powershell repaired webdav
Link:
https://www.filescan.io/uploads/69d73fba5ea31bc68a1a48d2/reports/9372f791-0363-4b7b-a896-31fd13c1db32/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/4b57ff1fb792e2c017d725f7152985613d1ff34613d518a0368d9add945b66e7
Verdict:
Malicious
File Type:
js
First seen:
2026-04-09T03:14:00Z UTC
Last seen:
2026-04-10T23:54:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan-Downloader.Script.Generic
Link:
https://opentip.kaspersky.com/4b57ff1fb792e2c017d725f7152985613d1ff34613d518a0368d9add945b66e7/results?tab=lookup
Result
Threat name:
n/a
Detection:
malicious
Classification:
spyw
Score:
52 / 100
Link:
https://www.joesandbox.com/analysis/1895669
Signature
Opens network shares
Sigma detected: WScript or CScript Dropper
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Behaviour
Behavior Graph:
Download SVG
Score:
34%
Verdict:
Susipicious
File Type:
SCRIPT
Link:
https://malprob.io/report/4b57ff1fb792e2c017d725f7152985613d1ff34613d518a0368d9add945b66e7
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/4b57ff1fb792e2c017d725f7152985613d1ff34613d518a0368d9add945b66e7/
Verdict:
Malicious
Threat:
Trojan-Downloader.Script
Link:
https://tip.neiki.dev/file/4b57ff1fb792e2c017d725f7152985613d1ff34613d518a0368d9add945b66e7
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=jnl76h5xslrmaf6xex3rkkmfme6r742gcpkrribwrwnn3fc3m3tq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
execution
Link:
https://tria.ge/reports/260409-gnpqfsbz6x/
Behaviour
Command and Scripting Interpreter: JavaScript
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/4b57ff1fb792e2c017d725f7152985613d1ff34613d518a0368d9add945b66e7

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Java Script (JS) js 4b57ff1fb792e2c017d725f7152985613d1ff34613d518a0368d9add945b66e7

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3814701/
  
Delivery method
Distributed via web download

Comments