MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6f426d9e13515ecdb0b62e77f200e6c6f3be0ccb72b729386f71d16bc4f8d5a3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 6f426d9e13515ecdb0b62e77f200e6c6f3be0ccb72b729386f71d16bc4f8d5a3
SHA3-384 hash: f65a1c393f2612fa32b00c33ae747b7cdd2e90b7197da2f7527924a0a89c748d1b15626353309dc7386ddf1b3e660a7d
SHA1 hash: 3fe94b5788a56b2365922502d51b4d73bf8ab4af
MD5 hash: a02f255369d11b1a70d19d1a26cde7fb
humanhash: avocado-mississippi-hot-video
File name:krypton.jar
Download: download sample
File size:71'786 bytes
First seen:2026-04-15 11:40:50 UTC
Last seen:Never
File type:Java file jar
MIME type:application/java-archive
ssdeep 1536:VpusSJbcDAuzeJV/3mvM82FeVICMLijVJpFDGrpOXyVTdJekPRLdjPNY:/CJsAuzqV/3UM5Fe1Dg0ihne6zY
TLSH T18E6302AC2FD7C254CA0170FDEA064C8F68DA81BD9594F23E4ADB8D8171C4CB51CB69E6
TrID 77.1% (.JAR) Java Archive (13500/1/2)
22.8% (.ZIP) ZIP compressed archive (4000/1)
Magika jar
Reporter burger
Tags:jar

Intelligence

File Origin
# of uploads :
1
# of downloads :
85
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Malware family:
n/a
ID:
1
File name:
krypton.jar
Verdict:
No threats detected
Analysis date:
2026-04-15 11:40:03 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/089ccc6b-ce27-46c6-9226-9fe138ff49ca

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/61734/
Detection(s):
SecuriteInfo.com.Java.Trojan.GenericGBA.41340.10913.18848.UNOFFICIAL
Create hunting rule

Verdict:
Clean
Score:
89.3%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69df7966f68adfe1003a0936
Tags:
n/a
Verdict:
Unknown
Threat level:
  2.5/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/69df7958799d5bf325ff91d1/reports/686d8cfc-436a-4f03-a976-9e5af166be4d/overview
Verdict:
Malicious
Labled as:
Java.Trojan.GenericA
Link:
https://www.hybrid-analysis.com/sample/6f426d9e13515ecdb0b62e77f200e6c6f3be0ccb72b729386f71d16bc4f8d5a3
Verdict:
Malicious
File Type:
jar
First seen:
2026-04-15T08:45:00Z UTC
Last seen:
2026-04-15T19:15:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan.Java.Generic
Link:
https://opentip.kaspersky.com/6f426d9e13515ecdb0b62e77f200e6c6f3be0ccb72b729386f71d16bc4f8d5a3/results?tab=lookup
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
52 / 100
Link:
https://www.joesandbox.com/analysis/1898673
Signature
Joe Sandbox ML detected suspicious sample
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1898673 Sample: krypton.jar Startdate: 15/04/2026 Architecture: WINDOWS Score: 52 12 Multi AV Scanner detection for submitted file 2->12 14 Joe Sandbox ML detected suspicious sample 2->14 6 cmd.exe 2 2->6         started        process3 process4 8 java.exe 3 6->8         started        10 conhost.exe 6->10         started       
Score:
0%
Verdict:
Benign
File Type:
ARCHIVE
Link:
https://malprob.io/report/6f426d9e13515ecdb0b62e77f200e6c6f3be0ccb72b729386f71d16bc4f8d5a3
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/6f426d9e13515ecdb0b62e77f200e6c6f3be0ccb72b729386f71d16bc4f8d5a3/
Verdict:
Malicious
Threat:
Trojan.Java
Link:
https://tip.neiki.dev/file/6f426d9e13515ecdb0b62e77f200e6c6f3be0ccb72b729386f71d16bc4f8d5a3
Threat name:
ByteCode-JAVA.Trojan.Egairtigado
Create hunting rule
Status:
Malicious
First seen:
2026-04-15 11:42:21 UTC
File Type:
Binary (Archive)
Extracted files:
17
AV detection:
7 of 24 (29.17%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=n5bg3hqtkfpm3mfwfz37eahgy3z34dglok3ssodpohiwxrhy2wrq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/260415-ntkf9afy2t/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.35
Link:
https://yomi.yoroi.company/submissions/6f426d9e13515ecdb0b62e77f200e6c6f3be0ccb72b729386f71d16bc4f8d5a3

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/61734/

Comments