MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c038bafa437c9d39c891ee4c468c86e9586e5b0a6cf1ff72f0ca741cc758eb88. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c038bafa437c9d39c891ee4c468c86e9586e5b0a6cf1ff72f0ca741cc758eb88
SHA3-384 hash: 8bba93c70738ea159dafea6ac288096174d3dce1bfd4a23b7ecacbf743c4ca59e8647ef1a8a35ded1f89d325c201e2d8
SHA1 hash: 78ffedc329c8a39ad4d4ddcf2e9b9310ddf834ed
MD5 hash: 55697e8379b7ee48b23acdbc7b581a48
humanhash: cat-hot-lemon-pennsylvania
File name:o.xml
Download: download sample
File size:724 bytes
First seen:2025-11-19 22:02:07 UTC
Last seen:Never
File type:
MIME type:text/plain
ssdeep 12:FH8ioNJAC7ukxGWi2jU30+0K5+A+GDjInkC01lkC0F70/GrZhG+E6:FH8j/wWi2jzyXIkT1STR0/GB
TLSH T100014E6CD1EC9F5008F5C6C6B2F84248C491808751F467D5F34E09166F28EDE7C9320D
Magika xml
Reporter abuse_ch
Tags:xml

Intelligence

File Origin
# of uploads :
1
# of downloads :
33
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=691e431f40055a3d310dda55
Tags:
n/a
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
opendir
Link:
https://www.filescan.io/uploads/691eb45ac9df5dc88d1d920c/reports/b6436d5c-20c2-4735-a4b2-1330f8635aa5/overview
Verdict:
Malicious
Labled as:
TrojanDownloader/Linux.NetLoader
Link:
https://www.hybrid-analysis.com/sample/c038bafa437c9d39c891ee4c468c86e9586e5b0a6cf1ff72f0ca741cc758eb88
Verdict:
Clean
File Type:
text
Link:
https://opentip.kaspersky.com/c038bafa437c9d39c891ee4c468c86e9586e5b0a6cf1ff72f0ca741cc758eb88/results?tab=lookup
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/c038bafa437c9d39c891ee4c468c86e9586e5b0a6cf1ff72f0ca741cc758eb88
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c038bafa437c9d39c891ee4c468c86e9586e5b0a6cf1ff72f0ca741cc758eb88/
Verdict:
Clean
Link:
https://tip.neiki.dev/file/c038bafa437c9d39c891ee4c468c86e9586e5b0a6cf1ff72f0ca741cc758eb88
Threat name:
Script-JS.Trojan.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2025-11-19 22:10:46 UTC
File Type:
Text
AV detection:
8 of 24 (33.33%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ya4lv6sdpsottser5zgendeg5fmg4wyknty764xqzj2bzr2y5oea._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/c038bafa437c9d39c891ee4c468c86e9586e5b0a6cf1ff72f0ca741cc758eb88

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

c038bafa437c9d39c891ee4c468c86e9586e5b0a6cf1ff72f0ca741cc758eb88

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3712141/
  
Delivery method
Distributed via web download

Comments