MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0227f96f41f7a7bd218f0a1e76a88d2940777071dc0369f49417cb6541641b66. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0227f96f41f7a7bd218f0a1e76a88d2940777071dc0369f49417cb6541641b66
SHA3-384 hash: 26c3e086b791989908fd57d122f32c752285e82663da65bba203c94b677588a09811ed7b3afc706c467502e6dfc851c8
SHA1 hash: 452e9ad09d69b725dfdeb01f6ab6562272133eac
MD5 hash: 3a61516e270d01f5d3f7c67a4a212001
humanhash: carbon-saturn-lactose-lake
File name:terminat.exe
Download: download sample
File size:2'048 bytes
First seen:2022-08-05 16:18:24 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
ssdeep 24:etGSkb20O7h8DVngQ0N942Bcv9olbKFhyhzZ8GA+M4RZIgq7m:6ka0gh890z6Ibvju4Rwm
Threatray 47 similar samples on MalwareBazaar
TLSH T13F41510352C9D8E9E87C427E979FC132FAB1752477F6150E2205052A2CB0ACCDC74E08
TrID 33.4% (.EXE) OS/2 Executable (generic) (2029/13)
33.0% (.EXE) Generic Win/DOS Executable (2002/3)
33.0% (.EXE) DOS Executable Generic (2000/1)
0.4% (.VXD) VXD Driver (29/21)
Reporter 1ZRR4H
Tags:BURNTCIGAR exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
380
Origin country :
n/a
Vendor Threat Intelligence
Malware family:
n/a
ID:
1
File name:
0227f96f41f7a7bd218f0a1e76a88d2940777071dc0369f49417cb6541641b66.zip
Verdict:
Suspicious activity
Analysis date:
2022-08-06 08:26:39 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/34bd34d8-9487-4225-8602-2f8f1fe86f59

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/296744/
Result
Verdict:
Clean
Maliciousness:
Result
Malware family:
n/a
Score:
  5/10
Tags:
n/a
Link:
https://dragonfly.certego.net/analysis/28177/overview
Behaviour
MalwareBazaar
Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
packed
Link:
https://www.filescan.io/uploads/62ed42f99ca9b9bfcbebfbee/reports/5786ef45-4c45-4060-bad4-5899a58c8317/overview
Result
Verdict:
UNKNOWN
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Verdict:
Suspicious
Link:
https://analyze.intezer.com/analyses/52c1c443-235a-4a07-aaa7-34de98207884
Result
Threat name:
Unknown
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1046917
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/0227f96f41f7a7bd218f0a1e76a88d2940777071dc0369f49417cb6541641b66/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ait7s32b66t32impbiphnkenffaho4dr3qbwt5euc7fwkqlednta._file
Verdict:
malicious
Similar samples:
19a879068bde8d055650dd1b6f5ae4697a16aa206cf0e0e4f84619433606af92
3312ee2ec44c08dd98d55bfc9284997f9f632a62558d8b708576378ebeca622e
a3b14096156684a6aed44851c7c9d1fbe64e7926cbdf57317f083f0ca1ae4d06
b03e97cdc9f9ba9f3309b22346ae26863b234181bfc400c06d35de19cdb220e0
ed220a4ab4a9de44a5d1cd380be9dab98e90f820003e38bff4163ff4c881ea30
f4ca63aeb4e3246c5d923942497d650bc3920c9fbc78a330ecf9d7db67e0cb8f
f988cdf69822247eb38f7ef3afef5fbb39f506ca0730b3df815f42c40f67f31a
fd280b46b65ccc2d32b8889e0ab35155c22c428a7ed4e96b7a3588410ba9f4e8
+ 37 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/220805-tsg8dsegh4/
Unpacked files
SH256 hash:
0227f96f41f7a7bd218f0a1e76a88d2940777071dc0369f49417cb6541641b66
MD5 hash:
3a61516e270d01f5d3f7c67a4a212001
SHA1 hash:
452e9ad09d69b725dfdeb01f6ab6562272133eac
Link:
https://www.unpac.me/results/a6c95e00-3472-4b6a-ab8f-f82bfdbc20af/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/0227f96f41f7a7bd218f0a1e76a88d2940777071dc0369f49417cb6541641b66

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/296744/

Comments