MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1fb2d300e3042a8b0a43447daff7ac9104468b7b53c7d1f9faaa730a53a546b6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 2



SHA256 hash: 1fb2d300e3042a8b0a43447daff7ac9104468b7b53c7d1f9faaa730a53a546b6
SHA3-384 hash: 0c28b658a64e559b3697fc539233935b337177165eef24575d1da6e837af2b0b1b41257c555695f411c9b2693d7bb328
SHA1 hash: 0a53a7eed11b252c9a00a2acb20651c996694b9e
MD5 hash: 679ccd98397dcefb6422bbc26426282f
humanhash: east-beryllium-autumn-dakota
File name: 60F20.dll
File size: 397'024 bytes
First seen: 2020-05-19 13:28:06 UTC
Last seen: 2020-05-19 14:54:31 UTC
File type: DLL dll
MIME type: application/x-dosexec
imphash: af2a1cf0ae9d12b4ef9c165cff60e4b3
ssdeep: 6144:OICvMnOTvcfgA0qBlJ89Ojo33C1oVDtY4sG2/WctyzuYf0ob8L23/TV+:uvMnAA9BleOjoH4Ktm+jbFX3/4
Threatray: 4 similar samples on MalwareBazaar
TLSH: 56849D439AD3C0F1E9D221BD21B7673B8E3E6A072126D657D3D4DD914C22322F62E34A
Reporter: James_inthe_box
Tags: dll

Intelligence


File Origin
# of uploads: 2
# of downloads: 80
Origin country: n/a
Vendor Threat Intelligence
Gathering data
Threat name: Win32.Trojan.Generic
Status: Suspicious
First seen: 2020-05-19 13:27:46 UTC
File Type: PE (Dll)
AV detection: 6 of 29 (20.69%)
Threat level: 5/5
Result
Malware family: n/a
Score: 9/10
Tags: n/a
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Program crash
ServiceHost packer
Please note that we are no longer able to provide a coverage score for VirusTotal.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other
