MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e25428c86f98e0ca74e0785ade982e2698873903eb8e3de77cc0c6e8cc3d3970. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	e25428c86f98e0ca74e0785ade982e2698873903eb8e3de77cc0c6e8cc3d3970
SHA3-384 hash:	349772efec555d8012b4ca55dbb63b034a62d48efd3a567b6ef82eb67aa588569d1d8707ff8592acad16d682971e0313
SHA1 hash:	7265967ffbb85abcfe3980e530086e4e5c21d201
MD5 hash:	23923c035be3928189943b4880311ed4
humanhash:	minnesota-wisconsin-nevada-colorado
File name:	LAH.js
Download:	download sample
File size:	1'431'129 bytes
First seen:	2026-02-27 18:01:24 UTC
Last seen:	Never
File type:	js
MIME type:	text/plain
ssdeep	384:z8BkGCg2GDFGJPs516afy80SkZXkAn7pBeNlNwE:7HDE5kYy80SARXeNLf
TLSH	T17D65E2E5D7AA1415076A3718EC75BE80FCAB1F1F89D380CE373012DCBAB85AE5674918
Magika	javascript
Reporter	BastianHein
Tags:	js

Intelligence

File Origin

# of uploads :

# of downloads :

111

Origin country :

Vendor Threat Intelligence

No detections

Detection(s):

SecuriteInfo.com.VBS.Obfus-152.UNOFFICIAL

Verdict:

Malicious

Score:

90.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69a1dc1d8fffa866e3b2e531

Tags:

obfuscate xtreme shell

Verdict:

Unknown

Threat level:

2.5/10

Confidence:

100%

Tags:

repaired

Link:

https://www.filescan.io/uploads/69a1dc2bcd25bfe1dfdc19e1/reports/d6787b89-13eb-4f45-b7da-26ea77e72f6c/overview

Verdict:

Suspicious

Labled as:

JS/Agent.DJP

Link:

https://www.hybrid-analysis.com/sample/e25428c86f98e0ca74e0785ade982e2698873903eb8e3de77cc0c6e8cc3d3970

Verdict:

Malicious

File Type:

hta

Detections:

PDM:Trojan.Win32.Generic Trojan-Downloader.JS.SLoad.sb Trojan.JS.SAgent.sb HEUR:Trojan.Script.Generic

Link:

https://opentip.kaspersky.com/e25428c86f98e0ca74e0785ade982e2698873903eb8e3de77cc0c6e8cc3d3970/results?tab=lookup

Verdict:

inconclusive

YARA:

2 match(es)

Tags:

Html

Link:

https://app.malva.re/file/23923c035be3928189943b4880311ed4

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/e25428c86f98e0ca74e0785ade982e2698873903eb8e3de77cc0c6e8cc3d3970/

Verdict:

Malicious

Threat:

Family.EMMENHTAL

Link:

https://tip.neiki.dev/file/e25428c86f98e0ca74e0785ade982e2698873903eb8e3de77cc0c6e8cc3d3970

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=4jkcrsdptdqmu5hapbnn5gboe2miooid5ohd3z34yddortb5hfya._file

Result

Malware family:

n/a

Score:

3/10

Tags:

execution

Link:

https://tria.ge/reports/260227-wmlpqsev8b/

Behaviour

Command and Scripting Interpreter: JavaScript

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/e25428c86f98e0ca74e0785ade982e2698873903eb8e3de77cc0c6e8cc3d3970

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample