MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments 2
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6
SHA3-384 hash: 0185872488501704bae107afe3b984c803fb91df54dc6841c7a8c69de2af78a8315eefe9fb6140282bf1a85b731348fa
SHA1 hash: 35de05e8f88e8fcb4626b857947e194813599163
MD5 hash: 9dca11c9fc39f25b6098c8d2e277bfc4
humanhash: shade-winter-angel-robin
File name:Inquiry Lists and specification.zip
Download: download sample
File size:19'427 bytes
First seen:2020-03-10 20:13:58 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 384:hNNWDNtSpJjhcBD/NrYFAYngDlh/VP4JzGsp60EOQf66q:hkwpgtGFAYMlOzJti6B
TLSH 3692D12319CC286F81916DAD7391B0FC30EC35D131AED5895915EF4F8517AF29E3A40A
Reporter cocaman
Tags:attachment zip

Intelligence

File Origin
# of uploads :
1
# of downloads :
92
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
PUA.Win.Packer.ProtectSharewar-2
Create hunting rule

PUA.Win.Packer.ProtectSharewar-3
Create hunting rule

Win.Trojan.Generic-7614798-0
Create hunting rule

Sanesecurity.Malware.25244.ZipHeur.UNOFFICIAL
Create hunting rule

Sanesecurity.Malware.21103.ZipHeur.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Injector
Create hunting rule
Status:
Malicious
First seen:
2020-03-10 13:33:24 UTC
File Type:
Binary (Archive)
Extracted files:
7
AV detection:
19 of 45 (42.22%)
Threat level:
  2/5
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Unknown
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/3fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6

File information

The table below shows additional information about this malware sample such as delivery method and external references.

zip 3fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6

(this sample)

GuLoader

Executable exe ecbbdea89347df30a9575353b8886499a88d30f5606f60c922c62e4a56637c74

  
Dropping
SHA256 ecbbdea89347df30a9575353b8886499a88d30f5606f60c922c62e4a56637c74

Comments


Avatar
commented on 2020-03-14 17:32:14 UTC

HELO: lsm-ingenieure.de
Sending IP: 37.120.140.192
From: info@lsm-ingenieure.de
Reply-To: smtpf0x@akxez.com

Avatar
Corsin Camichel commented on 2020-03-10 20:15:30 UTC

Subject: Inquiry N.134707
Sender: Orgiamo