Possible IOC

Disposition

Recommended action: Do not treat this as clean. Review the listed indicators, source, sender, and file hash before release.

This disposition is based only on facts present in the CAPE JSON. It is not a guarantee that a file is safe.

How This Was Determined

Malicious Indicators

No malicious indicators were identified by this script.

Possible IOC / Review Indicators

Lower-Risk Facts

Important Notes

VirusTotal

Stored CAPE result: Unable to complete connection to VirusTotal. Status code: 429

Manual lookup: Open SHA256 in VirusTotal

File Details

File name6-15 RMFG Hotlist C.html
File typeHTML document, ASCII text, with very long lines (474), with CRLF line terminators
Size476
MD5ef19cbfb3783067d11eb0ac5f55a443c
SHA179ed03ca6373e1e33d1819250acd02f3b09b6c98
SHA2569af8254aa2b53ca6311777c99a30b7df01eb10eba15284ca06dd8dff62667826
VirusTotal lookupOpen SHA256 in VirusTotal

Sandbox Run Details

Task ID15
Started2026-06-16 13:06:39
Ended2026-06-16 13:07:34
Duration55 seconds
Packageedge
Routenone
Machinecuckoo1
CAPE score0.5
CAPE status

YARA / AV Indicators

SourceRule / DetectionDescription / Evidence
No YARA hits recorded.
No CAPE YARA hits recorded.
No ClamAV hits recorded.

CAPE Signatures

SeverityConfidenceSignatureDescription
1100%suspicious_html_titleSample contains empty HTML title

Behavior Summary

Executed commands / child processes0
File writes0
File deletes0
Registry writes0
Created services0
Started services0
CAPE payload-like items0
CAPE extracted configs0
Dropped/related files captured0
Network indicators0

Executed Commands / Child Processes

None recorded.

File Writes

None recorded.

Registry Writes

None recorded.

Created Services

None recorded.

Started Services

None recorded.

CAPE Extracted Items

Payload-like Items

None recorded.

Extracted Configs

None recorded.

Network Activity

No network activity was recorded.

No network examples recorded.

Generated 2026-06-16T13:08:02 from /opt/CAPEv2/storage/analyses/15/reports/report.json