MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 65faa473e222694b54b93b2df4831584cc9efeb6dd3c9cf6c14452ec99dc0ba1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 65faa473e222694b54b93b2df4831584cc9efeb6dd3c9cf6c14452ec99dc0ba1
SHA3-384 hash: d2ed0ec519a5bcefdae971f0fc591a7acb9395fd780b838b503852d2bd9a6cd62b5c7207de2121f76a8772c0e37659ef
SHA1 hash: df3ce3dca0167d76b0f996dd1d969d4aca8cc67e
MD5 hash: 5d6e25395c96a7329135fdae827b5543
humanhash: oxygen-butter-monkey-steak
File name:a7dc57c54a9d9bfd3497b16248f8bf2e.aspx
Download: download sample
File size:11'207 bytes
First seen:2026-02-01 08:55:12 UTC
Last seen:Never
File type:
MIME type:text/plain
ssdeep 192:N5PKUazxiZOU9ZFXB3uAiD4D+IV9BDn5uBLW5zfziGzjSISZ2pFl2LjAsLEPr7Yr:q8NV9BDnoFd2pf2LEyR46vTbKDyP
TLSH T1B03264BC7EF63065961D28B88C3AA45EF2768D7A565CCE85B51C91E42FE82300F54EF0
Magika javascript
Reporter BlinkzSec
Tags:aspx

Intelligence

File Origin
# of uploads :
1
# of downloads :
3
Origin country :
CZ CZ
Vendor Threat Intelligence
Gathering data
Verdict:
Malicious
Score:
81.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=697f7526d93e7233498c5f10
Tags:
stealer virus
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/697f7521981ff1d38a43ac80/reports/2f4e2ccd-6645-4f81-9f78-e56d7f6df2a1/overview
Result
Gathering data
Gathering data
Threat name:
MacOS.Infostealer.Generic
Create hunting rule
Status:
Suspicious
First seen:
2026-01-28 16:56:56 UTC
File Type:
Text (JavaScript)
AV detection:
5 of 36 (13.89%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=mx5ki47cejuuwvfzhmw7jayvqtgj57vw3u6jz5wbirjozgo4boqq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.65
Link:
https://yomi.yoroi.company/submissions/65faa473e222694b54b93b2df4831584cc9efeb6dd3c9cf6c14452ec99dc0ba1

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

65faa473e222694b54b93b2df4831584cc9efeb6dd3c9cf6c14452ec99dc0ba1

(this sample)

  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3767190/

Comments