MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dbcf961fa63cec5fc675bd20be2b3ebe3a71d2fcd11a4e0aacb1e991de9c184f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 9

Intelligence 9 IOCs YARA File information Comments

SHA256 hash:	dbcf961fa63cec5fc675bd20be2b3ebe3a71d2fcd11a4e0aacb1e991de9c184f
SHA3-384 hash:	7f783f62b1dc430ffc65efd90252cebf17ac963ae691a9073bbff4b9d22e7402ced5f2ae879c4837203c09d81ae98f3f
SHA1 hash:	390c3e997cc6e3d599fbc431787845d74957f1a7
MD5 hash:	7ad44b94eac6912cfff858182539a93d
humanhash:	purple-eight-vegan-kentucky
File name:	Order-TP1026230_CBB237.js
Download:	download sample
File size:	975'746 bytes
First seen:	2026-05-16 09:39:46 UTC
Last seen:	Never
File type:	js
MIME type:	text/plain
ssdeep	12288:fY+KHPJbKsLWmuaB4dpyDfkI6YUTmIxh59FOS8RjZy:SEnAo
Threatray	18 similar samples on MalwareBazaar
TLSH	T1CE25613DCAE5001DB5B2CB54BDB8001FE4667B56262DC98F11C1168F4E3294DBBAE72E
TrID	66.6% (.TXT) Text - UTF-16 (LE) encoded (2000/1) 33.3% (.MP3) MP3 audio (1000/1)
Magika	vba
Reporter	JAMESWT_WT
Tags:	184-95-51-188 js Spam-ITA

Intelligence

File Origin

# of uploads :

1

# of downloads :

102

Origin country :

IT

Vendor Threat Intelligence

No detections

Verdict:

Clean

Score:

89.3%

Link:

https://cyber-fortress.com/docs/result/index.php?id=6a083b96953bbcef1c90abb1

Tags:

n/a

Verdict:

Malicious

Labled as:

Trojan.Cryxos.JS

Link:

https://www.hybrid-analysis.com/sample/dbcf961fa63cec5fc675bd20be2b3ebe3a71d2fcd11a4e0aacb1e991de9c184f

Verdict:

Malicious

File Type:

js

First seen:

2026-05-15T04:04:00Z UTC

Last seen:

2026-05-18T07:34:00Z UTC

Hits:

~1000

Detections:

HEUR:Trojan-Downloader.Script.Generic PDM:Trojan.Win32.Generic HEUR:Trojan.Script.Generic

Link:

https://opentip.kaspersky.com/dbcf961fa63cec5fc675bd20be2b3ebe3a71d2fcd11a4e0aacb1e991de9c184f/results?tab=lookup

Score:

76%

Verdict:

Malware

File Type:

SCRIPT

Link:

https://malprob.io/report/dbcf961fa63cec5fc675bd20be2b3ebe3a71d2fcd11a4e0aacb1e991de9c184f

Verdict:

inconclusive

YARA:

2 match(es)

Link:

https://app.malva.re/file/7ad44b94eac6912cfff858182539a93d

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/dbcf961fa63cec5fc675bd20be2b3ebe3a71d2fcd11a4e0aacb1e991de9c184f/

Verdict:

Malicious

Threat:

Trojan.Script

Link:

https://tip.neiki.dev/file/dbcf961fa63cec5fc675bd20be2b3ebe3a71d2fcd11a4e0aacb1e991de9c184f

Threat name:

Win32.Trojan.Ravartar

Status:

Malicious

First seen:

2026-05-15 13:06:39 UTC

File Type:

Text (JavaScript)

AV detection:

12 of 37 (32.43%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=3phzmh5ghtwf7rtvxuql4kz6xy5hdux42ene4cvmwhuzdxu4dbhq._file

Verdict:

malicious

Label(s):

stubrunner

purecrypter

Similar samples:

2ead3b4303a43796d7de2cf5fbd28743b3e1cf9690626ae575d360c474fb0639

358346be7566fc2ffb13141eabc5af270a9e0e8f71fa99aebc6a5b5d6281a101

4e9316a576cdd68222c70179622ccd13dcdc90f331459249a2d3b6b158c889d2

4ea5d759cba64680a2e67d9aafc281119ce40bf88694edc56ab38d90ba95703c

500592a2cfd2536eeac2bd102bd56bb2c5f5fb4aff3c15239c6b9b8113c5f2d7

57f4cdc0363e85d6542a2473eb252711dfc1667d6a2875d2c507fc817bced680

9b6b53ffc24cf8ca9350321c1b073a7ff034eca45020453af607be0d455d47dd

9d34b9747ceb4a2a40f23df7e3f91fa3a96cac6f1931cdb2081ca5b84a81c6cc

+ 8 additional samples on MalwareBazaar

Gathering data

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/dbcf961fa63cec5fc675bd20be2b3ebe3a71d2fcd11a4e0aacb1e991de9c184f

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample