MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b5e641976af17bbc421c17737b648cb80cda6c960daa8b2b300bde2436e70eff. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: b5e641976af17bbc421c17737b648cb80cda6c960daa8b2b300bde2436e70eff
SHA3-384 hash: c16fd66532b512c52a6e252fd7556d76017f5e66fe9a37b46309561b3ba95f786bfbb3808bde364fa788e778432e0a6c
SHA1 hash: 2fab1e480ccbe888f7c35cdbe318c088d728f6ec
MD5 hash: df9643ea657f7a96d97975ce2f51cadd
humanhash: tango-bakerloo-comet-triple
File name:b5e641976af17bbc421c17737b648cb80cda6c960daa8b2b300bde2436e70eff.html
Download: download sample
File size:62'323 bytes
First seen:2026-03-17 11:10:30 UTC
Last seen:Never
File type: html
MIME type:text/html
ssdeep 1536:M360p35LjTL2VvwqvTML4SWkkgt+SpYpA3EHY7Y3YWhYsY69nm5LjTL2VvwqvTMj:MDKpA3E4UIWSpASeYNtn/
TLSH T178533925608614182113C1D6A6D3935E3574C00BE70B4D2CB6BE90B2AFDE9FAD77B6F8
Magika html
Reporter JAMESWT_WT
Tags:46-62-197-232 94-156-170-255 html

Intelligence

File Origin
# of uploads :
1
# of downloads :
70
Origin country :
IT IT
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.Script.SNH-gen.76159434.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
90.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69b936d388c80c01586b176d
Tags:
virus sage html
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
aidetect clickfix fakeapp phishing
Link:
https://www.filescan.io/uploads/69b936d14ec2f522cc4c5b1a/reports/f3602d20-638e-48e5-b5c9-9a9a82fcf459/overview
Verdict:
Malicious
Labled as:
BAT/TrojanDownloader.Agent
Link:
https://www.hybrid-analysis.com/sample/b5e641976af17bbc421c17737b648cb80cda6c960daa8b2b300bde2436e70eff
Verdict:
Malicious
File Type:
html
Link:
https://opentip.kaspersky.com/b5e641976af17bbc421c17737b648cb80cda6c960daa8b2b300bde2436e70eff/results?tab=lookup
Score:
25%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/b5e641976af17bbc421c17737b648cb80cda6c960daa8b2b300bde2436e70eff
Verdict:
inconclusive
YARA:
4 match(es)
Tags:
Html SVG
Link:
https://app.malva.re/file/df9643ea657f7a96d97975ce2f51cadd
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/b5e641976af17bbc421c17737b648cb80cda6c960daa8b2b300bde2436e70eff/
Threat name:
Script-PowerShell.Trojan.FakeCaptcha
Create hunting rule
Status:
Malicious
First seen:
2026-03-05 18:34:27 UTC
File Type:
Text (HTML)
Extracted files:
8
AV detection:
6 of 23 (26.09%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=wxtedf3k6f53yqq4c5zxwzemxagnu3ewbwviwkzqbppcinxhb37q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/b5e641976af17bbc421c17737b648cb80cda6c960daa8b2b300bde2436e70eff

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments