MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4900df0b8fa6fd8041470531f41d2a8afec25c39ad60175d810d880148615da9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information 1 Yara Comments

SHA256 hash: 4900df0b8fa6fd8041470531f41d2a8afec25c39ad60175d810d880148615da9
SHA3-384 hash: 17d0f747fc35546327f508f9f47af7b5be4b7dcc4d73099fb6d3f0541db587b02860a28036917a5ff3cea547cc1fa6e1
SHA1 hash: cad4f83daba9bb242366b7c2afccf60846aa6c36
MD5 hash: 33b434eb878a4f7d87191596d072afc3
humanhash: sixteen-lithium-thirteen-table
File name:54039_8097_fibl.zip
Download: download sample
Signature n/a
File size:260'508 bytes
First seen:2020-06-30 05:25:44 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 6144:4lY3B90t2zqSAhLoouvfJnr9qllf7H25bb/JrFRE5P8SUHfQby:25t2ONLoHZr9qllf72Zx05PPmfgy
TLSH D6442218FD52C8F90C2386158DAE2EE5FF1FDBDF661488926D366AD1AF1C00BE55028D
Reporter @jarumlus

Intelligence


Mail intelligence No data
# of uploads 1
# of downloads 30
Origin country FR FR
ClamAV SecuriteInfo.com.PUA.VBS-in-ZIP.UNOFFICIAL
CERT.PL MWDB Detection:n/a
Link: https://mwdb.cert.pl/sample/4900df0b8fa6fd8041470531f41d2a8afec25c39ad60175d810d880148615da9/
ReversingLabs :Status:Malicious
Threat name:Script-VBS.Trojan.Kryptik
First seen:2020-06-30 05:27:04 UTC
AV detection:13 of 48 (27.08%)
Threat level:   2/5
VirusTotal:No data

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

zip 4900df0b8fa6fd8041470531f41d2a8afec25c39ad60175d810d880148615da9

(this sample)

  
Delivery method
Distributed via e-mail attachment

Comments