MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 3fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6
SHA3-384 hash: 0185872488501704bae107afe3b984c803fb91df54dc6841c7a8c69de2af78a8315eefe9fb6140282bf1a85b731348fa
SHA1 hash: 35de05e8f88e8fcb4626b857947e194813599163
MD5 hash: 9dca11c9fc39f25b6098c8d2e277bfc4
humanhash: shade-winter-angel-robin
File name: Inquiry Lists and specification.zip
Signature: n/a
File size: 19'427 bytes
First seen: 2020-03-10 20:13:58 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 384:hNNWDNtSpJjhcBD/NrYFAYngDlh/VP4JzGsp60EOQf66q:hkwpgtGFAYMlOzJti6B
TLSH: 3692D12319CC286F81916DAD7391B0FC30EC35D131AED5895915EF4F8517AF29E3A40A
Reporter: @cocaman
Tags: attachment zip

Intelligence


Mail intelligence
Trap location Impact
CH Switzerland Low
NL Netherlands Low
# of uploads: 1
# of downloads: 25
Origin country: FR
ClamAV:
  PUA.Win.Packer.ProtectSharewar-2
  PUA.Win.Packer.ProtectSharewar-3
  Win.Trojan.Generic-7614798-0
  Sanesecurity.Malware.25244.ZipHeur.UNOFFICIAL
  Sanesecurity.Malware.21103.ZipHeur.UNOFFICIAL
CERT.PL MWDB: Gathering data
ReversingLabs:
  Status: Malicious
  Threat name: Win32.Trojan.Injector
  First seen: 2020-03-10 13:33:24 UTC
  AV detection: 19 of 45 (42.22%)
  Threat level: 2/5
VirusTotal: Virustotal results 20.00%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

zip 3fdc7380613344c2b9458117b45028516709b68c2b3ed296ac688378a46caae6

(this sample)

Comments



abuse.ch commented on 2020-03-14 17:32:14 UTC

HELO: lsm-ingenieure.de
Sending IP: 37.120.140.192
From: info@lsm-ingenieure.de
Reply-To: smtpf0x@akxez.com

Corsin Camichel commented on 2020-03-10 20:15:30 UTC

Subject: Inquiry N.134707
Sender: Orgiamo