MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 78bbb36d0344019c4b50fc23b4eaa4a14f4a91aa3025b64255e8fc814f5ca342. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 7



SHA256 hash: 78bbb36d0344019c4b50fc23b4eaa4a14f4a91aa3025b64255e8fc814f5ca342
SHA3-384 hash: 57431befad07372bbc58d32845193e9970e797a1938e8f1a97caee78b00cff6cd1ff96b4cf41ebfd24aff57ac2af1fa0
SHA1 hash: 640495d416968eaa47b3275202049bd06aab7df2
MD5 hash: 4d69dd689cd2a1bf425fe794bc6e5a00
humanhash: sink-november-three-delta
File name: Scan_4_13_1_1389_28.04.2026.htm
File size: 272'888 bytes
First seen: 2026-05-13 15:34:02 UTC
Last seen: Never
File type:
MIME type: text/html
ssdeep 3072:FD47F5zyPt3JdpNT7JHJ130EqY6ZsxDMEHkVqriy4cgP03VM8f7Cc/H4YXbtZbA3:FsfSpNT7JH0ErAHEfj4ifbmjfEna3Am
TLSH T1D944B41BF43B1AB466007E85AC2325E79EDCD0529BB0727466ECE7EEC47E47850D9232
TrID 80.6% (.HTM/HTML) HyperText Markup Language with DOCTYPE (12501/2/4)
19.3% (.HTML) HyperText Markup Language (3000/1/1)
Magika html
Reporter smica83
Tags: htm UKR

Intelligence


File Origin
# of uploads: 1
# of downloads: 5
Origin country: HU
Vendor Threat Intelligence
No detections
Verdict: Malicious
Score: 92.5%
Tags: pterodo virus shell sage

Verdict: Malicious
File Type: html
First seen: 2026-05-13T14:22:00Z UTC
Last seen: 2026-05-14T21:54:00Z UTC
Hits: ~10

Result
Threat name: n/a
Detection: malicious
Classification: phis
Score: 72 / 100
Signature
AI detected malicious page (phishing or scam)
Downloads suspicious files via Chrome
Large href element pointing to data found
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
[Behavior graph image. Behavior Graph ID: 1913433; Sample: Scan_4_13_1_1389_28.04.2026.htm; Startdate: 14/05/2026; Architecture: WINDOWS; Score: 72]
Threat name: Document-HTML.Trojan.Pterodo
Status: Malicious
First seen: 2026-05-13 08:57:55 UTC
File Type: Text (HTML)
AV detection: 9 of 36 (25.00%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments