MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 c9ef5a98d32858facd2ea6354196969080b87cb684295830d983293a25daf143. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
WSHRAT
Vendor detections: 3
| SHA256 hash: | c9ef5a98d32858facd2ea6354196969080b87cb684295830d983293a25daf143 |
|---|---|
| SHA3-384 hash: | 3daab64cc18e5e8c9eea95ccbcb9b579b1ec2915f1bcf2107aa646c0c4c46d374b2f63d4414d9d54c5b15b81426ab333 |
| SHA1 hash: | 67bb4fe378952026e7c970cadd3798b379c99bdb |
| MD5 hash: | 394f8e6df802d303487795e7edb76ad0 |
| humanhash: | rugby-october-earth-alpha |
| File name: | Payment comfirmation.js |
| Download: | download sample |
| Signature | WSHRAT |
| File size: | 374'794 bytes |
| First seen: | 2020-03-24 14:38:29 UTC |
| Last seen: | Never |
| File type: |  js |
| MIME type: | text/plain |
| ssdeep | 3072:MPlUua7+ee9r68NdKiswc00VaRTJS1SI3neiOGQCVGkWTEnju/zq6Umj5/fWpWvs:M5EQiwpPFJS/eimpGwfj5/I8YmM1E2CI |
| TLSH | 44848C14EF894B8DAA881A43E47DDE6E5BF31B01D8E162CE7B477A071E4FE4D940E844 |
| Reporter |  Racco42 |
| Tags: | js wshrat |
Intelligence
File Origin
# of uploads :
1
# of downloads :
135
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
Script-JS.Downloader.Sagent
Status:
Malicious
First seen:
2020-03-24 14:48:18 UTC
AV detection:
10 of 47 (21.28%)
Threat level:
2/5
Detection(s):
Malicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.