MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 687f4a4b6119e88abcd7aea1223287e0cebe5f7a424371676ab7e11bc3fec2ab. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 9


Intelligence 9 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 687f4a4b6119e88abcd7aea1223287e0cebe5f7a424371676ab7e11bc3fec2ab
SHA3-384 hash: 46293345bc76a70f147f68017a546b5a11d010bcb55c7c2416a4b867efab22ac67781316a14b5716af1dc83bdfbd16b2
SHA1 hash: 7a6e167168fc750921f3ae80e8a87e20c69c9743
MD5 hash: 73c82fb44e798ab31e7ec9e32be4f254
humanhash: aspen-beer-fanta-kitten
File name:Phmar09.wsf
Download: download sample
File size:663 bytes
First seen:2026-03-18 15:11:02 UTC
Last seen:Never
File type:
MIME type:text/html
ssdeep 12:5VWYYrw6KNkIMdO7YvFD2JLGHrCclDHtiTDkxLzHCCclDH8iTzYMeq:CbjGkLO782RGHuclDHtiXwzHVclDH8iB
TLSH T1F60126822D14C6589090B3C3645DC98486B6C11768A0F3F25AC4BFAA55B7B744D6A4BE
Magika html
Reporter Anonymous
Tags:wsf

Intelligence

File Origin
# of uploads :
1
# of downloads :
40
Origin country :
US US
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.Script.SNH-gen.97292411.UNOFFICIAL
Create hunting rule

Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69bac0cf88c80c01586ba90c
Tags:
n/a
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
anti-vm cscript evasive evasive fingerprint lolbin obfuscated opendir timeout webdav wscript
Link:
https://www.filescan.io/uploads/69bac09b493cb7d62d048e8c/reports/5c3a9629-2deb-41e5-a052-968a522b764e/overview
Verdict:
Malicious
Labled as:
Trojan.Cryxos.JS
Link:
https://www.hybrid-analysis.com/sample/687f4a4b6119e88abcd7aea1223287e0cebe5f7a424371676ab7e11bc3fec2ab
Verdict:
Malicious
File Type:
wsf
Detections:
HEUR:Trojan-Downloader.Script.Generic HEUR:Trojan.Script.Generic
Link:
https://opentip.kaspersky.com/687f4a4b6119e88abcd7aea1223287e0cebe5f7a424371676ab7e11bc3fec2ab/results?tab=lookup
Score:
89%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/687f4a4b6119e88abcd7aea1223287e0cebe5f7a424371676ab7e11bc3fec2ab
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/687f4a4b6119e88abcd7aea1223287e0cebe5f7a424371676ab7e11bc3fec2ab/
Verdict:
Malicious
Threat:
Trojan-Downloader.Script
Link:
https://tip.neiki.dev/file/687f4a4b6119e88abcd7aea1223287e0cebe5f7a424371676ab7e11bc3fec2ab
Threat name:
Script-JS.Trojan.Cryxos
Create hunting rule
Status:
Malicious
First seen:
2026-03-18 15:06:56 UTC
File Type:
Text
Extracted files:
1
AV detection:
10 of 36 (27.78%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=nb7uus3bdhuivpgxv2qsemuh4dhl4x32ijbxcz3kw7qrxq76ykvq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260318-sktqsacz8z/
Behaviour
Enumerates physical storage devices
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
0.73
Link:
https://yomi.yoroi.company/submissions/687f4a4b6119e88abcd7aea1223287e0cebe5f7a424371676ab7e11bc3fec2ab

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments