MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0d86a75c7c632f6c2e315bd31e4afd0c2d06c12aecf3349a7f8b4400875b3826. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information Yara Comments

SHA256 hash: 0d86a75c7c632f6c2e315bd31e4afd0c2d06c12aecf3349a7f8b4400875b3826
SHA3-384 hash: 985fddb77f7f469aedaf0bc65b0c0bb06945e5e2d7c2c8cd224d1ed9ea308919b15e3ec004dad524d37d7f3fbfa211a9
SHA1 hash: 98a9164fb3c47b4f504d138e307656af68390fa1
MD5 hash: 39120628780e5fe6ddf5820cafbe14b8
humanhash: connecticut-delta-kilo-king
File name:VIETAZ TRADING CO - ITEMS LIST.7Z
Download: download sample
Signature NanoCore
File size:537'884 bytes
First seen:2020-08-01 07:26:43 UTC
Last seen:Never
File type: 7z
MIME type:application/x-rar
ssdeep 12288:f4+ZrIdAZfi4g48dhEGZ641UVoa7efR2eIZUtQKSA53:Ydoi4CdWGZ/UVoukR2rUOJA53
TLSH AAB423F193CBE684CE9C932A2CFBE9019956515CB61CAA0D5DCF2D62070383539E6FC6
Reporter @jarumlus
Tags:NanoCore

Intelligence


File Origin
# of uploads :
1
# of downloads :
36
Origin country :
FR FR
Mail intelligence
Geo location:
CH Switzerland
Volume:
Low
Geo location:
IT Italy
Volume:
Low
Geo location:
Global
Volume:
High
Vendor Threat Intelligence
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Status:
Malicious
First seen:
2020-08-01 07:28:07 UTC
AV detection:
27 of 48 (56.25%)
Threat level
  5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

NanoCore

7z 0d86a75c7c632f6c2e315bd31e4afd0c2d06c12aecf3349a7f8b4400875b3826

(this sample)

  
Dropped by
NanoCore
  
Delivery method
Distributed via e-mail attachment

Comments