MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a3c34cc5f8a13545a73b2a21512232e91dfef275a3cecb81215a5affb69709fb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: a3c34cc5f8a13545a73b2a21512232e91dfef275a3cecb81215a5affb69709fb
SHA3-384 hash: 20294cf12391526819b188185606706a123cf5687277de3d7f19a865a2f8824b41927ec70195836cfe2c51607319f7a9
SHA1 hash: 90a77055a2fdefbecc1d793200ac1e82bdff26d3
MD5 hash: 2d92ac8bdaa0f8721b41c3444abf6b60
humanhash: saturn-enemy-fifteen-august
File name: a3c34cc.exe
Signature: n/a
File size: 307'712 bytes
First seen: 2020-06-30 01:49:07 UTC
Last seen: 2020-06-30 02:44:18 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 6ed4f5f04d62b18d96b26d6db7c18840
ssdeep: 6144:voSSmZuv9u4KHErKMgLpskocd+llmRL+GxxyZJD60RQDq:vd5ZftZS1cCCbMTD60R
TLSH: B5642323933F8966E33CF37FD1350684E7183EC9A64A673784897B63A85DA5657208E0
Reporter: @James_inthe_box
Tags: exe

Intelligence


Mail intelligence: No data
# of uploads: 2
# of downloads: 33
Origin country: FR
CAPE Sandbox:
  Detection: n/a
  Link: https://www.capesandbox.com/analysis/16747/
ClamAV: SecuriteInfo.com.Mal.Generic-S.32508.24401.UNOFFICIAL
CERT.PL MWDB:
  Detection: n/a
  Link: https://mwdb.cert.pl/sample/a3c34cc5f8a13545a73b2a21512232e91dfef275a3cecb81215a5affb69709fb/
ReversingLabs:
  Status: Malicious
  Threat name: Win64.Trojan.Rozena
  First seen: 2020-06-29 19:23:17 UTC
  AV detection: 16 of 31 (51.61%)
  Threat level: 2/5
Hatching Triage:
  Score: 1/10
  Malware Family: n/a
  Link: https://tria.ge/reports/200630-t7k2w5k982/
  Tags: n/a
VirusTotal: Virustotal results 11.11%

Yara Signatures


Rule name: suspicious_packer_section
Author: @j0sm1
Description: The packer/protector section names/keywords
Reference: http://www.hexacorn.com/blog/2012/10/14/random-stats-from-1-2m-samples-pe-section-names/

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Other

Comments