MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4c34d35aa6bfb51235832f2f653d4d95ac18f8050d7b9894a3810492341c5ed2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information 2 Yara 1 Comments

SHA256 hash: 4c34d35aa6bfb51235832f2f653d4d95ac18f8050d7b9894a3810492341c5ed2
SHA3-384 hash: f32c28ce81b7fab4bc915e439f9e184081a5769e6f12ca4cb82bfea109a07251c57722bb66e6d2f18b060e102ecf3bef
SHA1 hash: 602c808c644bd96cbf7f6d4423d22fd1bff8b538
MD5 hash: 2a6d6ea570bf94f27a057e2181247e6e
humanhash: freddie-early-diet-bacon
Download: download sample
Signature n/a
File size:101'981 bytes
First seen:2020-06-30 07:01:24 UTC
Last seen:Never
File type:Rich Text Format (RTF) rtf
MIME type:text/rtf
ssdeep 768:qw3SL7yBq7bACUSVDj3mqXN8Iec0hTGjQnGZpqQGixmD+KNLBD:qnLBI6Dj3mqXN8I9UGjYGPaiYC8tD
TLSH 14A372F800881569D3D390907F5EF854352BF96B88F188B433EFD37A51BEAA8E953911
Reporter @SecuriteInfoCom


Mail intelligence No data
# of uploads 1
# of downloads 27
Origin country FR FR
ClamAV TwinWave.EvilDoc.ExecFuncDepthNestHopeIsDangerousForAMiscreantToHave.20200403.UNOFFICIAL
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Document-Word.Downloader.Sload
First seen:2020-03-27 05:21:34 UTC
AV detection:12 of 31 (38.71%)
Threat level:   2/5
Hatching Triage Score:   10/10
Malware Family:n/a
VirusTotal:Virustotal results 43.33%

Yara Signatures

Rule name:SharedStrings
Author:Katie Kleemola
Description:Internal names found in LURK0/CCTV0 samples

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Rich Text Format (RTF) rtf 4c34d35aa6bfb51235832f2f653d4d95ac18f8050d7b9894a3810492341c5ed2

(this sample)

Delivery method
Distributed via web download