MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8b2dbc222287d4a3528f1b452e37e4a609d2503302a9cb5f5955ec9b34f67f9b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Kutaki


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8b2dbc222287d4a3528f1b452e37e4a609d2503302a9cb5f5955ec9b34f67f9b
SHA3-384 hash: d2d1c968be9326345c283da5248b5dcab23493c6e323ccd14c55c6c08b19f443bb63a8736586c10470a72b03dfac2219
SHA1 hash: 155950ca668624e547fe875be5d1eb543590be02
MD5 hash: 80f2cc0404dc8dab053a3b5d5c777210
humanhash: vegan-table-may-high
File name:New Order.rar
Download: download sample
Signature Kutaki
Create hunting rule
File size:360'694 bytes
First seen:2020-08-05 08:24:40 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:OJX+msnnBBuD7nQIinOcXQw4Xh/htQ0PpLYOQ8oGcC5o7z3bv0/pZZHefoqx4X:OZ+m+BBuIdnOcgw4Xlht7pLYOQTqefG7
TLSH 7474234A970AAF8015AD2EB065EE1CD5D21FCA8D71D68C6B467B9837D626CDD0B010B3
Reporter abuse_ch
Tags:Kutaki rar


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: hrcollaborators.com
Sending IP: 167.114.43.83
From: EOS JEWELRY<smtpfox-7czqd@hrcollaborators.com>
Subject: New Order
Attachment: New Order.rar (contains "New Order.scr")

Intelligence

File Origin
# of uploads :
1
# of downloads :
65
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8b2dbc222287d4a3528f1b452e37e4a609d2503302a9cb5f5955ec9b34f67f9b/
Threat name:
Win32.Spyware.Kutaki
Create hunting rule
Status:
Malicious
First seen:
2020-08-05 08:26:07 UTC
AV detection:
20 of 48 (41.67%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=rmw3yircq7kkguupdncs4n7euye5eubtaku4wx2zkxwjwnhwp6nq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/8b2dbc222287d4a3528f1b452e37e4a609d2503302a9cb5f5955ec9b34f67f9b

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Kutaki

rar 8b2dbc222287d4a3528f1b452e37e4a609d2503302a9cb5f5955ec9b34f67f9b

(this sample)

Kutaki

Executable exe 1de49d29d2f5c485ef935ce6f50176272745d32d258f5996f029f4e78a614af7

  
Dropping
MD5 5cd9d49f5cad5e0910e90ce8183b4366
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 1de49d29d2f5c485ef935ce6f50176272745d32d258f5996f029f4e78a614af7

Comments