MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ee46397ce9f0c465a00a000d497023d70d1db6e46f11d4f3302d0f4703bcbd7a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA 4 File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ee46397ce9f0c465a00a000d497023d70d1db6e46f11d4f3302d0f4703bcbd7a
SHA3-384 hash: fe07a2bca95c07ff42f63d78fc0d7766688d89a66e70db826984ea45d71e55969636f316e5201c55164aef82787801d7
SHA1 hash: 736c3d4c6e66ebaeb5c88fb43c30f48af266e2fa
MD5 hash: 3851a4e07ed7de5fd028ebdbd141ffab
humanhash: golf-jig-bulldog-crazy
File name:ee46397ce9f0c465a00a000d497023d70d1db6e46f11d4f3302d0f4703bcbd7a.js
Download: download sample
File size:1'304'135 bytes
First seen:2025-12-30 17:55:25 UTC
Last seen:Never
File type:Java Script (JS) js
MIME type:text/plain
ssdeep 24576:lpmJ+2DhEDSV/ozAtS5tn7zy4gEgtCLs3KRCl0Y8Iv6UTJw:qTVAEtSLCsdCv5C
TLSH T18A553363AC91796B8F9CC82D60BF3F1E1912EA910854BE67A1CC6193311BD13692F43F
Magika javascript
Reporter JAMESWT_WT
Tags:js

Intelligence

File Origin
# of uploads :
1
# of downloads :
89
Origin country :
IT IT
Vendor Threat Intelligence
No detections
Verdict:
Malicious
Score:
70%
Link:
https://cyber-fortress.com/docs/result/index.php?id=695412417d915bf1778f0ff6
Tags:
vmdetect
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
anti-vm obfuscated repaired
Link:
https://www.filescan.io/uploads/69541241127d6a14e0c8ca66/reports/3aea23e7-6dfc-47ad-8c7a-f56b5a119c69/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/ee46397ce9f0c465a00a000d497023d70d1db6e46f11d4f3302d0f4703bcbd7a
Result
Gathering data
Verdict:
Malicious
File Type:
js
Detections:
HEUR:Trojan.Script.Generic
Link:
https://opentip.kaspersky.com/ee46397ce9f0c465a00a000d497023d70d1db6e46f11d4f3302d0f4703bcbd7a/results?tab=lookup
Score:
95%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/ee46397ce9f0c465a00a000d497023d70d1db6e46f11d4f3302d0f4703bcbd7a
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ee46397ce9f0c465a00a000d497023d70d1db6e46f11d4f3302d0f4703bcbd7a/
Verdict:
Malicious
Threat:
Trojan.Script
Link:
https://tip.neiki.dev/file/ee46397ce9f0c465a00a000d497023d70d1db6e46f11d4f3302d0f4703bcbd7a
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=5zdds7hj6dcgliakaagus4bd24gr3nxen4i5j4zqfuhuoa54xv5a._file
Gathering data
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
0.90
Link:
https://yomi.yoroi.company/submissions/ee46397ce9f0c465a00a000d497023d70d1db6e46f11d4f3302d0f4703bcbd7a

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:CP_Script_Inject_Detector
Create hunting rule
Author:DiegoAnalytics
Description:Detects attempts to inject code into another process across PE, ELF, Mach-O binaries
Rule name:vmdetect
Create hunting rule
Author:nex
Description:Possibly employs anti-virtualization techniques
Rule name:Warp
Create hunting rule
Author:Seth Hardy
Description:Warp
Rule name:WarpStrings
Create hunting rule
Author:Seth Hardy
Description:Warp Identifying Strings

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments