MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 77a2a80f02479c3a883e801f15ac3ee9140de0fc6f0c0ec60c2642d7e09411ef. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Loki


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 77a2a80f02479c3a883e801f15ac3ee9140de0fc6f0c0ec60c2642d7e09411ef
SHA3-384 hash: 8bc55e31eb40f1fa3904d82cfcc887d2ddf4bdaf6f9b4540c3b02660b750c6883b24eb61ce10d994c169dc680c18fa3f
SHA1 hash: d466d360326b81f232287879acb40b5223e9eac9
MD5 hash: f3cf7131ebcf179b261eb9199bd1e9ff
humanhash: monkey-five-pennsylvania-double
File name:IMG-#120789.ace
Download: download sample
Signature Loki
Create hunting rule
File size:278'954 bytes
First seen:2020-07-06 12:43:46 UTC
Last seen:Never
File type: ace
MIME type:application/octet-stream
ssdeep 6144:DKM/1uCx58HBXIOInEKSZgJ8yz9z/wQvj69yp3q8HGt5HtcdiQ+T4Pr61mAR:DP/1uCL8DIEVZPyz9Dw99yGYj+bAAR
TLSH A454230A5233867F0A134B1C557F3EE17DC4CA34E61E64FA05AAA622E713C76D94CB93
Reporter cocaman
Tags:ace


Avatar
cocaman
Malicious email
From: Amy <info121@alcon.com>
Received: from alcon.com (46-13-77-220.customers.tmcz.cz [46.13.77.220])
Date: 06 Jul 2020 14:31:18 +0200
Subject: Re: Order
Attachment: IMG-#120789.ace

Intelligence

File Origin
# of uploads :
1
# of downloads :
65
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Malware.25166.AceHeur.Exe.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.Suspicious-ACE-exe.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/77a2a80f02479c3a883e801f15ac3ee9140de0fc6f0c0ec60c2642d7e09411ef/
Threat name:
Win32.Trojan.Skeeyah
Create hunting rule
Status:
Malicious
First seen:
2020-07-06 09:52:52 UTC
File Type:
Binary (Archive)
Extracted files:
74
AV detection:
19 of 29 (65.52%)
Threat level:
  5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Loki

ace 77a2a80f02479c3a883e801f15ac3ee9140de0fc6f0c0ec60c2642d7e09411ef

(this sample)

Loki

Executable exe 6e9ef5abd419a483c7df53322c2210a48fc2365ef33d3a7d8c44b1311ac35b48

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 6e9ef5abd419a483c7df53322c2210a48fc2365ef33d3a7d8c44b1311ac35b48

Comments