MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e8fc8381979d1dae22218073d0afcf1b232a5d828cddf6463eea987760bb467d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 9


Intelligence 9 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: e8fc8381979d1dae22218073d0afcf1b232a5d828cddf6463eea987760bb467d
SHA3-384 hash: fe61bb3b843f6a9435c5eef7e75a4b58e2dbdf04c653ea897f62fb422cac80805c5acbd39e24d0039c6177f5d08ec5a2
SHA1 hash: c3b69976a9d27a10abd7ec0789153d66a82ccb49
MD5 hash: 856b1abab6d382d8138021fb3f3ebce7
humanhash: pip-hawaii-earth-tennessee
File name:PO675673735.js
Download: download sample
File size:1'170'153 bytes
First seen:2026-02-16 15:08:46 UTC
Last seen:2026-02-16 15:31:53 UTC
File type:Java Script (JS) js
MIME type:text/plain
ssdeep 1536:Sbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb:1ED
Threatray 417 similar samples on MalwareBazaar
TLSH T1FE4512F7A682429B5D02B10281732E8E59E4CCBF6699CF8C512767C2F41974CC7F9A72
Magika javascript
Reporter James_inthe_box
Tags:exe js

Intelligence

File Origin
# of uploads :
2
# of downloads :
129
Origin country :
US US
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.JS.Agent.DNO.tr.28757.16347.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
97.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6993331c0d0369ff9979e8bc
Tags:
ransomware obfuscate xtreme
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
obfuscated repaired
Link:
https://www.filescan.io/uploads/6993331c2ffccda09770cc9a/reports/34e0feaa-01be-4689-9690-fc232026ea69/overview
Verdict:
Malicious
Labled as:
JS/Agent.DNO
Link:
https://www.hybrid-analysis.com/sample/e8fc8381979d1dae22218073d0afcf1b232a5d828cddf6463eea987760bb467d
Verdict:
Malicious
File Type:
js
Detections:
Trojan-Downloader.JS.SLoad.sb HEUR:Trojan-Downloader.Script.Generic
Link:
https://opentip.kaspersky.com/e8fc8381979d1dae22218073d0afcf1b232a5d828cddf6463eea987760bb467d/results?tab=lookup
Score:
1%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/e8fc8381979d1dae22218073d0afcf1b232a5d828cddf6463eea987760bb467d
Verdict:
inconclusive
YARA:
1 match(es)
Link:
https://app.malva.re/file/856b1abab6d382d8138021fb3f3ebce7
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/e8fc8381979d1dae22218073d0afcf1b232a5d828cddf6463eea987760bb467d/
Verdict:
Malicious
Threat:
Family.REVERSELOADER
Link:
https://tip.neiki.dev/file/e8fc8381979d1dae22218073d0afcf1b232a5d828cddf6463eea987760bb467d
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=5d6ihamxtuo24irbqbz5bl6pdmrsuxmcrto7mrr65kmhoyf3iz6q._file
Verdict:
malicious
Label(s):
phantomstealer
Create hunting rule
Similar samples:
071a363ec38e71da9d074123c50ea594969d28878da8e754a6b6f7684940e809
17ced68461c9666597e1de5d3a69a219ada895e35c382eae83bd3a41918cad78
1e1a5e570fcc7175e7bf0cff282be1dfb5de613eb19d0a47d666c429ab7668b5
3e24bc53a54d730bc18f29a09e5bcbca55fa332d67a983a62bb39b12b4514f62
414557952c390312ea3cafa3cd3c069ff072c40840277921391565b79c800456
764892433fc11dc14ec10608d16131c178f7750b4fc9f8075a94d3824687162f
8f1056c686af9c05496ab2840c9751dab3e23a5d004b4793e62302fc0da5a821
c612385efecaca9ec7446fdc629d871a12fbcfca9ed45c653faf20361d3105c5
dbbb1c1ad17996d18e3e28537e0188b204657e87b8cb495e05bdb36c75cae466
error
+ 407 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  8/10
Tags:
execution
Link:
https://tria.ge/reports/260216-sjj5ysay6e/
Behaviour
Command and Scripting Interpreter: JavaScript
Badlisted process makes network request
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
0.81
Link:
https://yomi.yoroi.company/submissions/e8fc8381979d1dae22218073d0afcf1b232a5d828cddf6463eea987760bb467d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments