MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 56ad5bcdd48434f33ba2869816fdc814b00f6dad8971b2e0fa9829f7a662ce19. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 56ad5bcdd48434f33ba2869816fdc814b00f6dad8971b2e0fa9829f7a662ce19
SHA3-384 hash: 264ceeeffb8ed24d4f79cfa9812664041d922d19946a32a2460b48d8d3606223fa8496418817b9f94fd6343ae0649f73
SHA1 hash: 7ab28a03451836a1c3fe5648f55add3f3e5b259c
MD5 hash: fe6939d04e68dbbfaf63f8aa107a734f
humanhash: wyoming-pizza-stream-pip
File name:BL_Draft2020877654443.gz.pdf
Download: download sample
File size:437'188 bytes
First seen:2020-08-18 11:10:35 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:Aeyl9WfEdiwrK52U0qkBlinhJX3TTWdBwFga2t:ATklcKZ/hJX3TTW/wFgjt
TLSH 1E94231B2BA30074A2A5685599DCDFD7ADD2076E13DF8B84F04FBE5A63963303D02217
Reporter abuse_ch
Tags:pdf


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: srv.kibriswebhizmetleri.com
Sending IP: 213.159.5.123
From: Rashid Omai <info@hameedtr.net.pk>
Subject: Re: **TOP URGENT** Shipping Documents
Attachment: BL_Draft2020877654443.gz.pdf (contains "BL_Draft2020877654443.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
170
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/56ad5bcdd48434f33ba2869816fdc814b00f6dad8971b2e0fa9829f7a662ce19/
Threat name:
ByteCode-MSIL.Trojan.CryptInject
Create hunting rule
Status:
Malicious
First seen:
2020-08-18 11:12:10 UTC
AV detection:
19 of 29 (65.52%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=k2wvxtouqq2pgo5cq2mbn7oicsya63nnrfy3fyh2tau7pjtczymq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/56ad5bcdd48434f33ba2869816fdc814b00f6dad8971b2e0fa9829f7a662ce19

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

rar 56ad5bcdd48434f33ba2869816fdc814b00f6dad8971b2e0fa9829f7a662ce19

(this sample)

Executable exe f9d090bd85858fb63dc8b9c378b2c94a1a4419651bd8d658786391947e7e01d2

  
Dropping
MD5 2c9529f36bfe844a55501d4695d3015d
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 f9d090bd85858fb63dc8b9c378b2c94a1a4419651bd8d658786391947e7e01d2

Comments