MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2ee2c07468fbd918a5d6be42c2950be67f33932ddfc072fa1097cff11ecee81d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: 2ee2c07468fbd918a5d6be42c2950be67f33932ddfc072fa1097cff11ecee81d
SHA3-384 hash: 20c0292801d5b49c3a28bd61f6d7091c99d109245f5e8685e8a092894cf5ca42903776dc7c0d3b584353e0c20f9c4061
SHA1 hash: 61bc08a3c29f98740133ddbf39db97cbfad33ee9
MD5 hash: 340c38c80f5e5de9e9a9a4e51a21fb0c
humanhash: colorado-double-ink-nineteen
File name: Purchase Order.js
Signature: n/a
File size: 186'180 bytes
First seen: 2021-09-28 09:25:44 UTC
Last seen: 2021-09-28 12:53:43 UTC
File type: Java Script (JS) js
MIME type: text/plain
ssdeep 3072:0XmaHaWLkUrXfBaybLgIn/RNo4UhITV5ZWfDvM8CkxO8h3lNmBLVO3:0XPHaW4s/Lg6/RNZXkEkx/BcO3
TLSH T19D04AF1489C38B56B769B9FD503A21297FA011DEB0C57DB3D3EEE91A1B9F74002290BD
Reporter: @abuse_ch
Tags: js

Intelligence


File Origin
# of uploads: 3
# of downloads: 99
Origin country: FR
Mail intelligence: No data

Vendor Threat Intelligence
Threat name: Script.Trojan.Heuristic
Status: Malicious
First seen: 2021-09-28 08:38:48 UTC
AV detection: 3 of 45 (6.67%)
Threat level: 2/5

Result
Malware family: n/a
Score: 3/10
Tags: n/a

Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Enumerates physical storage devices
Program crash

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Java Script (JS) js 2ee2c07468fbd918a5d6be42c2950be67f33932ddfc072fa1097cff11ecee81d

(this sample)

  
Delivery method: Distributed via e-mail attachment
