MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 920497bfc99bb67a73d1efacf60a452a4d59afa379f2723fe12873f2cd188295. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 920497bfc99bb67a73d1efacf60a452a4d59afa379f2723fe12873f2cd188295
SHA3-384 hash: 60edfabfd59c6a45b8aead2cf4edd3bb53f49f25f1aea3d6ea77545d9d2828c8f14279ae74681a886ad3c33aa4a1a4c0
SHA1 hash: 5f3bcc1269aee2f5f81680f79e7aad0d7f3bb8c1
MD5 hash: 0dc86de3229f078446c63cfd302df4cf
humanhash: cardinal-king-thirteen-mike
File name:2.js
Download: download sample
File size:77 bytes
First seen:2026-04-14 18:20:23 UTC
Last seen:Never
File type:Java Script (JS) js
MIME type:text/plain
ssdeep 3:lcQFzMlMyqrBFckG8LrObL7q:lR+yrL3/rOO
TLSH T1D4A01108028032F800202E88B20A22C80232833208AA2388002B8C88AA0202F2220800
Magika javascript
Reporter JAMESWT_WT
Tags:js yy-kak-is

Intelligence

File Origin
# of uploads :
1
# of downloads :
95
Origin country :
IT IT
Vendor Threat Intelligence
No detections
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69de858af68adfe10039cf58
Tags:
n/a
Verdict:
Unknown
Threat level:
  2.5/10
Confidence:
100%
Tags:
repaired
Link:
https://www.filescan.io/uploads/69de85879124ebc0875225c0/reports/874d38b4-9b4d-48de-a8b8-84847a3cf3e4/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/920497bfc99bb67a73d1efacf60a452a4d59afa379f2723fe12873f2cd188295
Verdict:
Malicious
File Type:
ps1
First seen:
2026-02-22T23:25:00Z UTC
Last seen:
2026-04-14T16:48:00Z UTC
Hits:
~100
Detections:
Trojan.Win32.APosT.a Trojan.APosT.UDP.C&C PDM:Trojan.Win32.Generic NetTool.PowerShellUA.HTTP.C&C NetTool.PowerShellGet.HTTP.C&C
Link:
https://opentip.kaspersky.com/920497bfc99bb67a73d1efacf60a452a4d59afa379f2723fe12873f2cd188295/results?tab=lookup
Score:
26%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/920497bfc99bb67a73d1efacf60a452a4d59afa379f2723fe12873f2cd188295
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/920497bfc99bb67a73d1efacf60a452a4d59afa379f2723fe12873f2cd188295/
Verdict:
Malicious
Threat:
NetTool.PowerShellUA.HTTP
Link:
https://tip.neiki.dev/file/920497bfc99bb67a73d1efacf60a452a4d59afa379f2723fe12873f2cd188295
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=sicjpp6jto3hu46r56wpmcsffjgvtl5dphzhep7bfbz7ftiyqkkq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
execution
Link:
https://tria.ge/reports/260414-wy65tacw21/
Behaviour
Command and Scripting Interpreter: JavaScript
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/920497bfc99bb67a73d1efacf60a452a4d59afa379f2723fe12873f2cd188295

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments