MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c9508837d342966619b4d00df62d2a1c6d8558876da193f0394140db612a7aaa. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c9508837d342966619b4d00df62d2a1c6d8558876da193f0394140db612a7aaa
SHA3-384 hash: 5ac8b2ed2ecec9de1194da6325b346ff7abe7bad8f64e85d0c2abb228ec651c3387df725cbdbf1db931b15e5dd7a5769
SHA1 hash: 2d963c0843785915d8538e193b5efd10a65c7af5
MD5 hash: 54449fc80e434fea7ec6902edc94bb92
humanhash: five-nitrogen-neptune-leopard
File name:c9508837d342966619b4d00df62d2a1c6d8558876da193f0394140db612a7aaa.js
Download: download sample
File size:129'453 bytes
First seen:2025-12-30 17:55:35 UTC
Last seen:Never
File type:Java Script (JS) js
MIME type:text/plain
ssdeep 3072:QC2S0bSSu7HFPSPLsNhrymzrA4cjZzvW4:StbSSurYPLMYmzrAjhW4
TLSH T178C3AEB7A28902514BE00198D588732CFB5BDD5B5DD4F5D7F39A06128F0CAF329AEA0D
Magika javascript
Reporter JAMESWT_WT
Tags:js

Intelligence

File Origin
# of uploads :
1
# of downloads :
87
Origin country :
IT IT
Vendor Threat Intelligence
No detections
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=695412447d915bf1778f1006
Tags:
n/a
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
obfuscated repaired
Link:
https://www.filescan.io/uploads/695412408d1aa9829e276523/reports/c840e48a-d7d2-4bba-bc2c-a3124a78961f/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/c9508837d342966619b4d00df62d2a1c6d8558876da193f0394140db612a7aaa
Verdict:
Malicious
File Type:
js
First seen:
2025-12-30T15:02:00Z UTC
Last seen:
2025-12-30T23:57:00Z UTC
Hits:
~10
Detections:
HEUR:Trojan.Script.Generic
Link:
https://opentip.kaspersky.com/c9508837d342966619b4d00df62d2a1c6d8558876da193f0394140db612a7aaa/results?tab=lookup
Score:
85%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/c9508837d342966619b4d00df62d2a1c6d8558876da193f0394140db612a7aaa
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c9508837d342966619b4d00df62d2a1c6d8558876da193f0394140db612a7aaa/
Verdict:
Malicious
Threat:
Trojan.Script
Link:
https://tip.neiki.dev/file/c9508837d342966619b4d00df62d2a1c6d8558876da193f0394140db612a7aaa
Threat name:
Text.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-10-24 19:37:18 UTC
File Type:
Text (JavaScript)
AV detection:
3 of 24 (12.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=zfiiqn6tiklgmgnu2ag7mljkdrwykwehnwqzh4bzifanwyjkpkva._file
Gathering data
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.60
Link:
https://yomi.yoroi.company/submissions/c9508837d342966619b4d00df62d2a1c6d8558876da193f0394140db612a7aaa

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments