File verdict·Decided by the MT AI Engine

Our call

Safe

Item: Personal Expense Tracker.html
Rating: 4.5
Author: MalwareTips File Scanner

Unsigned HTML file with embedded JavaScript; 61 engines report clean, including 17 tier-1 vendors; no malicious behaviour or external intel.

Trust score88High trust

MT AI confidence · 92%

Personal Expense Tracker.html

22.9 KB

e563adedb04efac3e2…780bac08d0

Antivirus engines

0 of 75 flagged

Code signing

Unsigned

Age

First-seen today

MT AI Engine · our arbiter

The verdict, reasoned out.

Not a rules engine. The MT AI Engine reads every signal we collected, weighs them against history, and commits to an answer.

92%Confidence

Very high

Reasoning

The file exhibits a clean detection profile across a comprehensive engine network. Zero malicious detections from 61 reporting engines, with unanimous agreement from tier-1 vendors, indicates the embedded JavaScript is benign (likely expense-tracking logic). The rare-new prevalence and unsigned status are typical for legitimate HTML utilities. No heuristic rules fired, no external corroboration of malice, and no runtime behaviour anomalies support a safe classification. The absence of any malicious signal is the strongest evidence here.

Key signals · 5

Each signal cites a concrete token from the evidence the arbiter saw — engine name, MITRE technique, signer string, or an exact count.

tier1Malicious=0; 17 tier-1 engines (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, Avast, AVG, Avira, DrWeb, Emsisoft, F-Secure, GData, Ikarus) all report undetected
engines.malicious=0/61 reporting; no malicious labels across all 61 reporting engines
File is unsigned HTML with embedded JavaScript; no signer history; filename is descriptive ('Personal Expense Tracker.html') with no adversarial markers
prevalence.classification=rare_new; no external intel hits (CIRCL, MalwareBazaar, YARAify all negative); no sandbox behaviour, no dropped children, no malicious host contact
triggeredHeuristics: empty array; no heuristic rules fired; no similar-hash RAG precedents

Points in its favour

17 tier-1 antivirus engines report clean (Kaspersky, Microsoft, BitDefender, ESET-NOD32, Fortinet, Avast, AVG, Avira, DrWeb, Emsisoft, F-Secure, GData, Ikarus)
Zero malicious detections across 61 reporting engines
No external intelligence hits (CIRCL, MalwareBazaar, YARAify negative)
No sandbox behaviour anomalies, no dropped children, no malicious host contact
Descriptive, benign filename with no adversarial injection markers

What to do

This file is safe. No action required. You can open and use it as intended.

No researcher-database hits

External threat-intel sources were not collected for this scan.

Antivirus engine breakdown

0 detections across 75 engines

0 malicious0 suspicious75 clean

Tier-117 engines

0flag

Top commercial AVs (low FP rate)

Tier-238 engines

0flag

Mainstream engines with mixed FP rates

Low-trust20 engines

0flag

Heuristic / generic-AI engines (high FP rate)

All 75 engines report this file as clean.

Hash e563adedb04e… cross-referenced against 75 AV engines via our AV network.

Prevalence

How often this file shows up in the wild

Barely seen in the wild and first surfaced recently. This is the footprint of targeted malware the AV industry hasn't signatured yet — extra scrutiny is warranted.

Rare & new

Unique uploaders

Very few people have ever uploaded this — rare.

Total submissions

Includes repeat uploads by the same source.

First seen by VT

0d ago

Jun 27, 2026

Prevalence quadrant

here

Rare · New

Targeted malware lives here

Common · New

Just-released software

Rare · Old

Niche or internal tooling

Common · Old

Trusted legitimate binaries

File identity

Forensic fingerprint

File biography

First seen (VT)

6/27/2026, 7:13:36 AM

First seen (MalwareBazaar)

—

Last analysis (VT)

6/27/2026, 7:13:36 AM

Scanned here

6/27/2026, 7:16:54 AM

File name: Personal Expense Tracker.html
Size: 22.9 KB
MIME type: (unknown)
Detected type: HTML
SHA-256: e563adedb04efac3e29fd921d2a25663ba9192be4d034658e0c633780bac08d0
MD5: fa03d39616a2a8f37219b2e3aec603c8
SHA-1: c5f8a67b78ded759ca743031802f82af6aa7fe7c
First seen (VT): 6/27/2026, 7:13:36 AM
Last analysis (VT): 6/27/2026, 7:13:36 AM
First scan (MalwareTips): 6/27/2026, 7:16:54 AM
Last scan (MalwareTips): 6/27/2026, 7:16:54 AM

Behavior tags

contains-embedded-jshtml

Community classification

Reviews & malware reports(0)

Tell the community what you saw. Tag the sample — Trojan, Adware, False Positive — and share what the file did on your system. Your report helps confirm or dispute the AV verdict.

Loading…

Loading reports…

Scan another

Check a different file

URL instead?

Check if a link is safe

Files are processed in a streaming pass-through — MalwareTips never stores the binary on its servers. Only the scan result (hash, detections, verdict) is retained so the next person who scans the same file gets an instant answer. If you ran this file on your computer and are worried, scan your system with an up-to-date antivirus and change critical passwords from a different device.