MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 58290a95e1795ec7312e4ce26bfff7e0fb7a620a3aac2627d3ae6c83f5a4bf60. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 58290a95e1795ec7312e4ce26bfff7e0fb7a620a3aac2627d3ae6c83f5a4bf60
SHA3-384 hash: 8a16c9a2c3eb33463a037e686ed10623580fef504ec967303f41fc85d677a81736a0b866bc9e8e8a51bb4bc9fcd894a0
SHA1 hash: 8a7cc5c0f41ae45064a88ec67ab0e8a3ca2514f2
MD5 hash: 35271695a6202c514fef4520d49886ea
humanhash: violet-delta-low-burger
File name: ransomware
Signature: MedusaLocker
File size: 694'784 bytes
First seen: 2020-06-30 07:42:46 UTC
Last seen: 2020-06-30 08:32:09 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: f2a8a842c869f344b4d75729bc60feed
ssdeep: 12288:cPJ4U0TYQivI2qZ7aSgLwkFVpzUvest4ZEbjJLuRJVoM7:JzTYVQ2qZ7aSgLwuVfstRJLaYM
TLSH: BDE48D1035C2C132E97315728EBD996E416DFD220B2728DBA3C8165E5FB99F27E32532
Reporter: @JAMESWT_MHT
Tags: MedusaLocker

Intelligence


Mail intelligence: No data
# of uploads: 2
# of downloads: 31
Origin country: IT
CAPE Sandbox:
  Detection: MedusaLocker
  Link: https://www.capesandbox.com/analysis/16921/
ClamAV: PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB:
  Detection: n/a
  Link: https://mwdb.cert.pl/sample/58290a95e1795ec7312e4ce26bfff7e0fb7a620a3aac2627d3ae6c83f5a4bf60/
ReversingLabs:
  Status: Malicious
  Threat name: Win32.Trojan.Delshad
  First seen: 2020-05-30 14:28:46 UTC
  AV detection: 28 of 31 (90.32%)
  Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage:
  Score: 10/10
  Malware Family: n/a
  Link: https://tria.ge/reports/200630-ns1w3kbn4j/
  Tags: evasion trojan ransomware spyware persistence
VirusTotal: Virustotal results 77.78%

File information


The table below shows additional information about this malware sample such as delivery method and external references.
