Safe
JSON data file with zero detections across 60 antivirus engines and no malicious behaviour indicators.
38b1cc932a935e9016…3e0d80b1eeThe verdict, reasoned out.
Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.
The file is a JSON document, not executable code, and exhibits zero malicious signals. All 17 tier-1 antivirus engines (Avast, BitDefender, Kaspersky, Microsoft, ESET-NOD32, Fortinet, and others) report it undetected. No tier-1 family consensus exists, no low-trust-only flagging pattern is present, and no heuristic rules fired. The filename 'mobile_devices(1) 4.json' contains no injection attempts, hidden unicode, or brand mismatch. Behaviour telemetry is absent (no sandbox data, no dropped children, no contacted hosts), and external intelligence sources (CIRCL, MalwareBazaar, YARAify) returned no hits. The file's rarity (1 submission, first seen today) reflects newness rather than malice; legitimate data files are commonly submitted once.
Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.
engines.tier1Malicious=0; 17 tier-1 engines (Avast, BitDefender, Kaspersky, Microsoft, ESET-NOD32, Fortinet, Ikarus, Emsisoft, GData, F-Secure, DrWeb, Avira, AVG) all undetected
engines.malicious=0, engines.suspicious=0 across 60/74 reporting engines — zero detections
fileType=JSON, mimeType=application/json — data file, not executable; no PE analysis applicable
adversarialInputFlags.anyInjectionSuspected=false; filenameAnalysis shows no security-software or research-tool mimicry
behaviour=null, droppedChildren=null, contactedHosts=null, externalIntel all negative (CIRCL, MalwareBazaar, YARAify hits=false)
- Zero detections across 60 antivirus engines, including all 17 tier-1 vendors
- JSON data file format — not executable code
- No sandbox behaviour, no dropped children, no malicious host contact
- No adversarial filename patterns, no brand mismatch, no hidden unicode
- External intelligence sources (CIRCL, MalwareBazaar, YARAify) all negative
This file is safe. No action is required. If you downloaded it from a trusted source, you may use it without concern.
0 detections across 74 engines
How often this file shows up in the wild
Barely seen in the wild and first surfaced recently. This is the footprint of targeted malware the AV industry hasn't signatured yet — extra scrutiny is warranted.
Forensic fingerprint
- File name
- mobile_devices(1) 4.json
- Size
- 1.4 KB
- MIME type
- application/json
- Detected type
- JSON
- SHA-256
- 38b1cc932a935e90163a3025fceae5edf05903672d61706a794b6e3e0d80b1ee
- MD5
- e34cb6b857975683e6a525a0a0574591
- SHA-1
- 4ea8257cb6de41906b1d8756cc405ebd72f00a22
- First seen (VT)
- 6/19/2026, 9:39:36 AM
- Last analysis (VT)
- 6/19/2026, 9:39:36 AM
- First scan (MalwareTips)
- 6/19/2026, 9:40:30 AM
- Last scan (MalwareTips)
- 6/19/2026, 9:40:30 AM
Reviews & malware reports(0)
Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.