MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9c8e1b2166d0ee3df1c3fc9c6e4f16fe6378be10fa7f9ed2eac4e84139d7f152. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information 1 Yara 1 Comments

SHA256 hash: 9c8e1b2166d0ee3df1c3fc9c6e4f16fe6378be10fa7f9ed2eac4e84139d7f152
SHA3-384 hash: a97f58b5f4ea6af3941a49b51fb3bc94a252a8e1151a3a2735dcbc98ee98d4da6e965437cef730f2f0964f94f7785fa3
SHA1 hash: 57c71c49cdd5adbd6765b067e7cba4ecaa8263f3
MD5 hash: fb7103737708c995ca3610991cd153b4
humanhash: fourteen-nine-london-skylark
File name:UOD_1004.xls
Download: download sample
Signature TrickBot
File size:373'248 bytes
First seen:2020-06-30 05:47:47 UTC
Last seen:2020-06-30 07:01:23 UTC
File type:Excel file xls
MIME type:application/
ssdeep 6144:ck3hbdlylKsgqopeJBWhZFVE+W2NdAXr3iXm0KyqxE6T58OYbiZw0c7YKN5RVLTH:lmB9E87Xc7YKrRVLlrv+C
TLSH 0784BD86EA14DA46DAE583358F6392E5572EFC0052364B0FA6D1B7377F7D1A18E0E082
Tags:TrickBot xls


Mail intelligence No data
# of uploads 2
# of downloads 34
Origin country IT IT
ClamAV TwinWave.EvilDoc.Excel4SetNameBangYourHead.20200628.UNOFFICIAL
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Document-Word.Downloader.Encdoc
First seen:2020-06-30 05:49:04 UTC
AV detection:4 of 48 (8.33%)
Threat level:   3/5
Hatching Triage Score:   1/10
Malware Family:n/a
VirusTotal:Virustotal results 6.67%

Yara Signatures

Rule name:SharedStrings
Author:Katie Kleemola
Description:Internal names found in LURK0/CCTV0 samples

File information

The table below shows additional information about this malware sample such as delivery method and external references.