MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 53ebb72bfccba9f18b1e2051482bd56447ddf5791d812f8198aeb0b96e6cb37a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 5

Intelligence 5 IOCs YARA File information Comments

SHA256 hash:	53ebb72bfccba9f18b1e2051482bd56447ddf5791d812f8198aeb0b96e6cb37a
SHA3-384 hash:	d3d27b045a6d6d09fbe15dcf055956f260013b37c8bf8cf889b29473e5c28ff6ab2df7cacf0f8d86625e4aed6f49250a
SHA1 hash:	6ae7a1901b886fb993559ed9ed7d8ea782cd54a0
MD5 hash:	5f28d10c7db64e1fa4ece2fea946484a
humanhash:	football-early-ceiling-white
File name:	photo.scr
Download:	download sample
File size:	3'212 bytes
First seen:	2025-11-24 19:56:20 UTC
Last seen:	Never
File type:
MIME type:	text/html
ssdeep	48:0eUpI1GFO7C7ReT66GHBYPm6YEOyGvVpeuwTLHii3Ik4X6qPHwT:BUm1WO7C7Rem6GHeu7EO7zeX94X6qvi
TLSH	T11F61F7D53E54F4AD932154F9283F3029F1692C39093AE8E09389D8F56C78E49881AFB1
Magika	html
Reporter	juroots
Tags:	scr

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Iframe.Gen-125.UNOFFICIAL

SecuriteInfo.com.HTML-7811.UNOFFICIAL

PUA.Html.Trojan.Agent-37074

Verdict:

Malicious

Score:

96.5%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69254e125d7fac83ebf2b74f

Tags:

miner virus sage

Verdict:

Unknown

Threat level:

2.5/10

Confidence:

100%

Tags:

aidetect masquerade phishing

Link:

https://www.filescan.io/uploads/6924b886f6a4ba1793af308e/reports/d24ed5eb-e9ce-4f2a-b72f-eab9a8fb98e8/overview

Verdict:

Malicious

Labled as:

Trojan.Html.Iframe

Link:

https://www.hybrid-analysis.com/sample/53ebb72bfccba9f18b1e2051482bd56447ddf5791d812f8198aeb0b96e6cb37a

Verdict:

Unknown

File Type:

html

Link:

https://opentip.kaspersky.com/53ebb72bfccba9f18b1e2051482bd56447ddf5791d812f8198aeb0b96e6cb37a/results?tab=lookup

Score:

Verdict:

Benign

File Type:

SCRIPT

Link:

https://malprob.io/report/53ebb72bfccba9f18b1e2051482bd56447ddf5791d812f8198aeb0b96e6cb37a

Verdict:

inconclusive

YARA:

2 match(es)

Tags:

Html

Link:

https://app.malva.re/file/5f28d10c7db64e1fa4ece2fea946484a

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/53ebb72bfccba9f18b1e2051482bd56447ddf5791d812f8198aeb0b96e6cb37a/

Threat name:

Document-HTML.Exploit.Phominer

Status:

Malicious

First seen:

2025-11-24 20:10:22 UTC

File Type:

Text (HTML)

Extracted files:

AV detection:

14 of 38 (36.84%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=kpv3ok74zou7dcy6ebiuqk6vmrd535lzdwas7amyv2yls3tmwn5a._file

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/53ebb72bfccba9f18b1e2051482bd56447ddf5791d812f8198aeb0b96e6cb37a

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

53ebb72bfccba9f18b1e2051482bd56447ddf5791d812f8198aeb0b96e6cb37a

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3716199/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample