MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6b45e1a38609b9b7f2f2508b0b38f700a75ee1ea9b6c548d1a086bd91863efc3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 9

Intelligence 9 IOCs YARA File information Comments

SHA256 hash:	6b45e1a38609b9b7f2f2508b0b38f700a75ee1ea9b6c548d1a086bd91863efc3
SHA3-384 hash:	99ec7ad98df62c87602fca9a525eb473077a22f669f8b620a7148940e24c77492095408cd0e1c02c5c931df5a20bdb8c
SHA1 hash:	8c1ca7351a5456dcb98e63c7e51f387918f52661
MD5 hash:	796eeb0b6e9236579ea56cb7be4d3429
humanhash:	victor-carbon-tennis-winter
File name:	UKMar30.wsf
Download:	download sample
File size:	869 bytes
First seen:	2026-03-31 17:53:50 UTC
Last seen:	Never
File type:
MIME type:	text/html
ssdeep	24:7bjGkLO7mW32R6HaclDHZiXNKHHxclDHYiXNK4H8KoclDH8KTiXNJMp:/u2RsN1jnq1+K8K318Kdp
TLSH	T1D71180432C08DA2C6CEC624160DDC88485FAD1161BF0F3E659D0AE6E0572A204D1B4BE
Magika	txt
Reporter	kirkderp

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Gathering data

Detection(s):

SecuriteInfo.com.JS.Trojan.Cryxos.15837.30146.8411.UNOFFICIAL

Verdict:

Clean

Score:

99.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69cc0a553a18a6e1ddf01816

Tags:

n/a

Verdict:

Malicious

Labled as:

Trojan.Cryxos.JS

Link:

https://www.hybrid-analysis.com/sample/6b45e1a38609b9b7f2f2508b0b38f700a75ee1ea9b6c548d1a086bd91863efc3

Verdict:

Malicious

File Type:

wsf

First seen:

2026-04-01T07:57:00Z UTC

Last seen:

2026-04-01T13:54:00Z UTC

Hits:

~10

Detections:

HEUR:Trojan.Script.Generic HEUR:Trojan-Downloader.Script.Generic

Link:

https://opentip.kaspersky.com/6b45e1a38609b9b7f2f2508b0b38f700a75ee1ea9b6c548d1a086bd91863efc3/results?tab=lookup

Score:

74%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/6b45e1a38609b9b7f2f2508b0b38f700a75ee1ea9b6c548d1a086bd91863efc3

Verdict:

Malware

YARA:

3 match(es)

Tags:

Html Javascript T1059.007 WSF File

Link:

https://app.malva.re/file/796eeb0b6e9236579ea56cb7be4d3429

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/6b45e1a38609b9b7f2f2508b0b38f700a75ee1ea9b6c548d1a086bd91863efc3/

Verdict:

Malicious

Threat:

Trojan.Script

Link:

https://tip.neiki.dev/file/6b45e1a38609b9b7f2f2508b0b38f700a75ee1ea9b6c548d1a086bd91863efc3

Threat name:

Script-JS.Trojan.Cryxos

Status:

Malicious

First seen:

2026-03-31 17:54:28 UTC

File Type:

Text

Extracted files:

AV detection:

7 of 24 (29.17%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=nnc6di4gbg43p4xskcfqwohxactv5ypktnwfjdi2bbv5sgdd57bq._file

Result

Malware family:

n/a

Score:

3/10

Tags:

n/a

Link:

https://tria.ge/reports/260331-wg3fascv6j/

Behaviour

Enumerates physical storage devices

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

0.73

Link:

https://yomi.yoroi.company/submissions/6b45e1a38609b9b7f2f2508b0b38f700a75ee1ea9b6c548d1a086bd91863efc3

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample