MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d398255e433f8448063cedc9a518ad5bcac30eebaabadee33b4840f455bed8f3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: d398255e433f8448063cedc9a518ad5bcac30eebaabadee33b4840f455bed8f3
SHA3-384 hash: 2b410afdf6a7897abff8c1fff42d1bdac62f060ea98d879d42306c051d2bab6802dcec3f2c3abaede96680d63d77b117
SHA1 hash: d48442b988ed2d7953bd96e47d2da1a8533f6a73
MD5 hash: 82cc38077cc0a9857831eb86889e795f
humanhash: magnesium-golf-september-april
File name:o.xml
Download: download sample
File size:664 bytes
First seen:2025-12-19 12:11:13 UTC
Last seen:Never
File type:
MIME type:text/plain
ssdeep 12:FzY8id/7JAC7akxGWi2jX0KTkoj3LEZLQnv:FzY8k1/sWi2jksY+
TLSH T1E9014C9CD57CCFB2299EC586B5B051048480D0C7B1F997D5F74D0820AF20D893B5334D
Magika xml
Reporter abuse_ch
Tags:xml

Intelligence

File Origin
# of uploads :
1
# of downloads :
30
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=694552f129df60c6e007bf72
Tags:
n/a
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
opendir
Link:
https://www.filescan.io/uploads/694552f084afa5547b5a89a4/reports/a9ae8dcf-8dd7-4a5a-ac3c-69f35595a922/overview
Verdict:
Malicious
Labled as:
TrojanDownloader/Linux.NetLoader
Link:
https://www.hybrid-analysis.com/sample/d398255e433f8448063cedc9a518ad5bcac30eebaabadee33b4840f455bed8f3
Verdict:
Clean
File Type:
text
Link:
https://opentip.kaspersky.com/d398255e433f8448063cedc9a518ad5bcac30eebaabadee33b4840f455bed8f3/results?tab=lookup
Score:
0%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/d398255e433f8448063cedc9a518ad5bcac30eebaabadee33b4840f455bed8f3
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/d398255e433f8448063cedc9a518ad5bcac30eebaabadee33b4840f455bed8f3/
Verdict:
Clean
Link:
https://tip.neiki.dev/file/d398255e433f8448063cedc9a518ad5bcac30eebaabadee33b4840f455bed8f3
Threat name:
Script.Trojan.Heuristic
Create hunting rule
Status:
Malicious
First seen:
2025-12-19 12:25:28 UTC
File Type:
Text
AV detection:
4 of 24 (16.67%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=2omckxsdh6ceqbr45xe2kgfnlpfmgdxlvk5n5yz3jbapivn63dzq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/d398255e433f8448063cedc9a518ad5bcac30eebaabadee33b4840f455bed8f3

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

d398255e433f8448063cedc9a518ad5bcac30eebaabadee33b4840f455bed8f3

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3737171/
  
Delivery method
Distributed via web download

Comments