MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 68bb98df259614529f5a4477e6522c2c50562dbd09268ec94b2abff1a8aa30f5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 68bb98df259614529f5a4477e6522c2c50562dbd09268ec94b2abff1a8aa30f5
SHA3-384 hash: 5b0c2410ed445d35d90c40f10f67cbcef4f19a192635cd700b9d55bbaf53d9625bc6ac54fde8609b7e73ceedb6918a6c
SHA1 hash: a4d576b4f15d26cd251b895c54e50c65ee0ecc09
MD5 hash: db19390740d15be6f2d74fcfec6a99d5
humanhash: idaho-fanta-zebra-uranus
File name: Payment Receipt.zip
Signature: n/a
File size: 346'946 bytes
First seen: 2021-02-23 07:18:49 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 6144:pm19QXahZynSC16DN104GRA9bmHV/VCSq3hwnl0bkgujQMg0y+lqKHTonmJyxDYf:pmEaOSsKs4YA9bm1/chCZkMg08qkn1ls
TLSH: 3374235C0B8E6F2FADE818A8C573E97B038449FB239574554D8963E7D04D383E96B80B
Reporter: @abuse_ch
Tags: zip


Twitter
@abuse_ch
Malspam distributing unidentified malware:

HELO: mail2.vtigress.com
Sending IP: 183.82.99.119
From: Basudeb Pan <test@vtigress.com>
Subject: Payment Acknowledgement Is Attached
Attachment: Payment Receipt.zip (contains "Payment Receipt.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 50
Origin country: FR
Mail intelligence
Geo location: Global
Volume: Low
Vendor Threat Intelligence
Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name: Win32.Ransomware.Convagent
Status: Malicious
First seen: 2021-02-23 07:19:08 UTC
AV detection: 23 of 48 (47.92%)
Threat level: 5/5
Threat name: Suspicious File
Score: 0.54

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

zip 68bb98df259614529f5a4477e6522c2c50562dbd09268ec94b2abff1a8aa30f5 (this sample)

Delivery method: Distributed via e-mail attachment
