MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2abc6a62d91d9f75e027e52898a257034a2ba27c22254127eb96960d2355acc9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 2



SHA256 hash: 2abc6a62d91d9f75e027e52898a257034a2ba27c22254127eb96960d2355acc9
SHA3-384 hash: 3d3d2e89251dcb2f998f807133465a7fbb39c2781fb957443fe48e78e490b4b5b5524b4ad0f51b24e38b30f3899c451c
SHA1 hash: 4f174194d6c41ba0cbd475a98b11a1b80dbaf005
MD5 hash: b1ad1a2882253286e8a7bf7846e4bb9a
humanhash: pizza-indigo-thirteen-william
File name: COMBINED SHIPPING DOCUMENTS INV, PL, BL & COO. pdf.img
File size: 1'638'400 bytes
First seen: 2020-05-28 13:13:54 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 24576:Vd8HYOBeBbuT2occbeSi+rhn/p62Kbk5Ju8:Pikbuha2rMj8
TLSH: D375CE587E189ECBC97FD5F04014A3462EA1ED322410FE9D6AFB31AA82B2FD165C51D3
Reporter: cocaman
Tags: img


cocaman
Malicious email
From: ASIA PACIFIC LINE LTD <hk@asialineltd.com>
Received: from asialineltd.com (unknown [103.133.110.140])
Date: 28 May 2020 06:10:36 -0700
Subject: RE: Set of combined documents for shipment of goods container
Attachment: COMBINED SHIPPING DOCUMENTS INV, PL, BL & COO. pdf.img

Intelligence


File Origin
# of uploads: 1
# of downloads: 69
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-05-28 13:37:31 UTC
File Type: Binary (Archive)
Extracted files: 29
AV detection: 12 of 31 (38.71%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

img 2abc6a62d91d9f75e027e52898a257034a2ba27c22254127eb96960d2355acc9 (this sample)

Delivery method: Distributed via e-mail attachment
