MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b046d04b61f3ebfd9410c8b4f365118e29470fb6c54529c2425f553eb6364d8e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6



SHA256 hash: b046d04b61f3ebfd9410c8b4f365118e29470fb6c54529c2425f553eb6364d8e
SHA3-384 hash: f1b2343c0c58d6d15f158710243a2ef2da2eb4cace8128b819f2f5e4f307f18c82cb1f670cc3a7180d09e549c3d7de60
SHA1 hash: bcce34d196020e7814eb6aefd940a8c88b282485
MD5 hash: 4201f2b35e40c01807764f9576e20b15
humanhash: utah-washington-romeo-double
File name: Facebook Account Recovery Support Center 2026.pdf
File size: 134'589 bytes
First seen: 2026-01-09 10:09:05 UTC
Last seen: Never
File type: pdf
MIME type: application/pdf
ssdeep: 3072:AfEr775EKnJXlTsobb4k9NjInSFArxtNDeZgmi7OnHpN1:AfEX+kXlTsoP9hInSmrxy0OJv
TLSH: T17AD38B75FBC7C748FB4795AC693C3EB7036535E2A6C4694704270E186188FB88A172BE
Magika: pdf
Reporter: smica83
Tags: pdf phishing

Intelligence


File Origin
# of uploads :
1
# of downloads :
251
Origin country :
HU
Vendor Threat Intelligence
No detections
Verdict:
Suspicious
Threat level:
5/10
Confidence:
100%
Tags:
action phishing phishing
Label:
Benign
Suspicious Score:
2/10
Score Malicious:
3%
Score Benign:
97%
Result
Threat name:
n/a
Detection:
malicious
Classification:
phis
Score:
56 / 100
Signature
AI detected malicious page (phishing or scam)
AI detected malicious PDF file
AI detected phishing page
Behaviour
Behavior Graph:
[Behavior graph, ID 1847191. Sample: Facebook Account Recovery S... Start date: 09/01/2026. Architecture: WINDOWS. Score: 56. Processes shown: chrome.exe, Acrobat.exe, AcroCEF.exe. Hosts shown include www.maneger-accouintr-solutieonst.site, contacted by chrome.exe.]
Verdict:
inconclusive
YARA:
3 match(es)
Threat name:
Win32.Trojan.Generic
Status:
Suspicious
First seen:
2026-01-09 10:09:35 UTC
File Type:
Document
Extracted files:
19
AV detection:
5 of 24 (20.83%)
Threat level:
5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
