MalwareTips
File verdict·Decided by the MT AI Engine
Our call

Safe

JSON data file with zero malicious detections across 60 antivirus engines, including 17 tier-1 vendors; benign and safe.

Trust score92High trust
MT AI confidence · 98%
user_information.json
2.7 KB
461888938ee5d3a91acb9d20fae8
Antivirus engines
0 of 74 flagged
Code signing
Unsigned
Age
First-seen today
MT AI Engine · our arbiter

The verdict, reasoned out.

Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.

98%Confidence
Very high
Reasoning

The file is a plain JSON document (2.7 KB) with no executable content or embedded code. All 60 reporting antivirus engines, including 17 high-trust tier-1 vendors, reported the file as undetected or clean. No tier-1 family consensus exists, no low-trust engines flagged it, and no external intelligence sources (CIRCL, MalwareBazaar, YARAify) identified any threat. The filename is benign, no heuristics fired, and no sandbox behaviour data exists (JSON files do not execute). The rare_new prevalence classification is expected for a newly submitted data file and carries no malicious implication.

Key signals · 5

Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.

  1. engines.tier1Malicious=0; tier1ReportedClean=17 (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, Avast, AVG, Avira, DrWeb, Emsisoft, F-Secure, GData, Ikarus all silent)

  2. engines.malicious=0, suspicious=0 across 60/74 reporting engines; onlyLowTrustFlagging=false

  3. File type: JSON (application/json); no PE analysis, no executable code, no sandbox behaviour data

  4. signing.verified=false, unsigned; no signer history; brandMismatch.detected=false

  5. prevalence.classification=rare_new (1 submission); triggeredHeuristics=[] (no rules fired); externalIntel all negative (CIRCL, MalwareBazaar, YARAify)

Points in its favour
  • Zero malicious detections across 60 antivirus engines
  • 17 tier-1 vendors all report clean
  • JSON file type (non-executable data container)
  • No external threat intelligence hits
  • No heuristic rules triggered
What to do

This file is safe to use. No quarantine or remediation is necessary. The complete absence of detections across a broad antivirus network, combined with the benign JSON file type and lack of any executable or network-based threat indicators, confirms the file poses no security risk.

No researcher-database hits
External threat-intel sources were not collected for this scan.
Antivirus engine breakdown

0 detections across 74 engines

0 malicious0 suspicious74 clean
Tier-117 engines
0flag
Top commercial AVs (low FP rate)
Tier-237 engines
0flag
Mainstream engines with mixed FP rates
Low-trust20 engines
0flag
Heuristic / generic-AI engines (high FP rate)
All 74 engines report this file as clean.
Hash 461888938ee5… cross-referenced against 74 AV engines via our AV network.
Prevalence

How often this file shows up in the wild

Barely seen in the wild and first surfaced recently. This is the footprint of targeted malware the AV industry hasn't signatured yet — extra scrutiny is warranted.

Rare & new
Unique uploaders
1
Very few people have ever uploaded this — rare.
Total submissions
1
Includes repeat uploads by the same source.
First seen by VT
0d ago
Jun 19, 2026
Prevalence quadrant
here
Rare · New
Targeted malware lives here
Common · New
Just-released software
Rare · Old
Niche or internal tooling
Common · Old
Trusted legitimate binaries
File identity

Forensic fingerprint

File biography
First seen (VT)
6/19/2026, 9:42:02 AM
First seen (MalwareBazaar)
Last analysis (VT)
6/19/2026, 9:42:02 AM
Scanned here
6/19/2026, 9:43:00 AM
File name
user_information.json
Size
2.7 KB
MIME type
application/json
Detected type
JSON
SHA-256
461888938ee5d3a91ad41d5852aaf78f16f43f67e56690945c313bcb9d20fae8
MD5
f29a03b3bdfe370ed3e5558ff834dc6e
SHA-1
66774b97121f293102e35dda4699d509633b2bae
First seen (VT)
6/19/2026, 9:42:02 AM
Last analysis (VT)
6/19/2026, 9:42:02 AM
First scan (MalwareTips)
6/19/2026, 9:43:00 AM
Last scan (MalwareTips)
6/19/2026, 9:43:00 AM
Behavior tags
json
Community classification

Reviews & malware reports(0)

Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.

Loading…
Loading reports…
Scan another
Check a different file
URL instead?
Check if a link is safe
Files are processed in a streaming pass-through — MalwareTips never stores the binary on its servers. Only the scan result (hash, detections, verdict) is retained so the next person who scans the same file gets an instant answer. If you ran this file on your computer and are worried, scan your system with an up-to-date antivirus and change critical passwords from a different device.