MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b7d2a540e591492a71fa7921fdb692187d62ffe44e341114ad58105db6cf6d8b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 7



SHA256 hash: b7d2a540e591492a71fa7921fdb692187d62ffe44e341114ad58105db6cf6d8b
SHA3-384 hash: 59f55b7ce2d8b1e0d438eccdce6e4ca3b1c582cd99ae04d684dd9aa5c4a8f42523019f2cf03cc64619cf34be1eb3b40d
SHA1 hash: 3d2ed57ea65c948e5b0af170d926fce50b78ebee
MD5 hash: 4d6a1c841d772412a3a0bb595e602c82
humanhash: nebraska-batman-lithium-coffee
File name: b7d2a540e591492a71fa7921fdb692187d62ffe44e341114ad58105db6cf6d8b.gzip
File size: 4'958 bytes
First seen: 2026-04-01 11:06:36 UTC
Last seen: Never
File type: gz
MIME type: application/gzip
ssdeep: 96:/VXf1TSt775TNGvaJsBpseuey6C5JbaEaSazxcFVZ5WlUWijwQMP9Zt:/bTSt77xR8pdvA1aEalNcXZYlURj6vt
TLSH: T15FA19FEB12CAE742AF65AF8250BA4F8908F425D54E054E43ADF7624FB2C149AC4578F2
Magika: gzip
Reporter: JAMESWT_WT
Tags: gz teampcp

Intelligence


File Origin
# of uploads: 1
# of downloads: 28
Origin country: IT
File Archive Information

This file archive contains 4 file(s), sorted by their relevance:

File name: package.json
File size: 287 bytes
SHA256 hash: e0e85b69d95caec2dab135a72a6561b9737ecac9710b0854007a5b453a3ee896
MD5 hash: 7bdb81fe97f2f71126ebe8dbe9deb9cd
MIME type: text/plain

File name: deploy.js
File size: 3'228 bytes
SHA256 hash: 158091ec92a3a91d7d2d29e6b867d47479d624bcae5f067cc80af4eff91c9729
MD5 hash: 958c8f4f9145a7d67692db172f73c650
MIME type: application/javascript

File name: README.md
File size: 3'282 bytes
SHA256 hash: 0ab9c9d76eaef6a5829742495ec205319e5f61ef8412d6c9d5685e6d130452c8
MD5 hash: ec5d033d12d5b71f7044acbc47d86fe1
MIME type: text/x-java

File name: index.js
File size: 4'776 bytes
SHA256 hash: c37c0ae9641d2e5329fcdee847a756bf1140fdb7f0b7c78a40fdc39055e7d926
MD5 hash: 55405de62427ac56106f0fdb1c33dedd
MIME type: text/plain

Vendor Threat Intelligence
Verdict: Malicious
Score: 96.5%
Tags: virus worm
Result
Verdict: Malicious
File Type: gz
First seen: 2026-03-30T13:27:00Z UTC
Last seen: 2026-03-30T13:43:00Z UTC
Hits: ~100
Verdict: inconclusive
YARA: 1 match(es)
Tags: GZip Archive
Verdict: Malicious
Threat: Trojan-Downloader.JS.Agent
Threat name: Archive-GZIP.Worm.SupplyChain
Status: Malicious
First seen: 2026-03-21 00:24:20 UTC
File Type: Binary (Archive)
Extracted files: 5
AV detection: 15 of 36 (41.67%)
Threat level: 5/5
Result
Malware family: n/a
Score: 4/10
Tags: antivm discovery execution linux
Behaviour: Command and Scripting Interpreter: JavaScript
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments