MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9ebb03d5eba911f77abc0668ced4e4abca4de31a8cc64840012dcb64103905d9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 9ebb03d5eba911f77abc0668ced4e4abca4de31a8cc64840012dcb64103905d9
SHA3-384 hash: ef9858c9529f114d0d289e82a26cf1b53665fdfe3a048d9db687aba8376ed505c63158dc91e8fabff6ffbbe00d21c550
SHA1 hash: c4b3e24bdb03d0016000c6e8ece3bd84ae032e39
MD5 hash: d74d0ca31867df80537c096fb3dbd533
humanhash: grey-yellow-eighteen-lamp
File name: AquaBioTech Group Order No PO 004 SFA012020.r00
Signature: n/a
File size: 474'816 bytes
First seen: 2020-07-31 12:17:32 UTC
Last seen: Never
File type: r00
MIME type: application/x-rar
ssdeep: 12288:wPUGgVExMdF1uDGCQARGUSeXN5o/BtJnmi+E:jVBMDPvsBtJnyE
TLSH: 42A42370F0DE8968D4AB95823529546D9BAFD9057C7F4E2ECFD513228E3C258F036263
Reporter: @abuse_ch
Tags: r00


Twitter
@abuse_ch
Malspam distributing unidentified malware:

From: "Jonathan M. Seymour - AquaBioTech Group" <jonathan.seymour@aquabt.com>
Subject: RE: AquaBioTech Group Delivery and Supply Order No.PO 004/SFA0107.31.2020
Attachment: AquaBioTech Group Order No PO 004 SFA012020.r00 (contains "Purchase Order No PO 004 SFA01 07_31_2020.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 34
Origin country: FR

Mail intelligence
Geo location: IT Italy
Volume: Low

Geo location: Global
Volume: Medium

Vendor Threat Intelligence
Threat name: Win32.Trojan.Kryptik
Status: Malicious
First seen: 2020-07-31 12:19:10 UTC
AV detection: 10 of 31 (32.26%)
Threat level: 5/5

Threat name: Legit
Score: 0.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam
r00 9ebb03d5eba911f77abc0668ced4e4abca4de31a8cc64840012dcb64103905d9 (this sample)

Delivery method: Distributed via e-mail attachment
