MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b745d669d0eebc22f1c8455252bae35587a9585f4a8c71944ac193aa82d367e0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: b745d669d0eebc22f1c8455252bae35587a9585f4a8c71944ac193aa82d367e0
SHA3-384 hash: 5bd890ce7dc26ef46f896d1ca1ae8e3c771df090dae6ceaff0fcaffa574c6a72225cfd4f738b02d2a2e2aba91f66e272
SHA1 hash: 87d9c7d7d56230b2e926d573ecdd41e01d07e132
MD5 hash: 3c1306a1cff5f704fedb67da392026e2
humanhash: victor-kentucky-artist-indigo
File name:Campaign Data logs for invoicing.rar
Download: download sample
File size:201'251 bytes
First seen:2020-08-17 18:46:49 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:dld6U5g6QeO8XbQwpP2wnte+ncrn7B6J9omIY:7oU5WfXwpP2uVCN6oi
TLSH D81412E5786F372E2E882EB2C0E29628D58CFD74474D31D2E83CF2B66BD4E4844956D4
Reporter abuse_ch
Tags:rar


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: bmail.inbox4.net
Sending IP: 35.154.151.245
From: Anurag Kodan <pallav.hspsms@gmail.com>
Subject: Campaign logs for invoicing
Attachment: Campaign Data logs for invoicing.rar (contains "Campaign Data logs for invoicing.scr")

Intelligence

File Origin
# of uploads :
1
# of downloads :
61
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/b745d669d0eebc22f1c8455252bae35587a9585f4a8c71944ac193aa82d367e0/
Threat name:
ByteCode-MSIL.Trojan.SmartAssembly
Create hunting rule
Status:
Malicious
First seen:
2020-08-17 18:48:10 UTC
AV detection:
10 of 48 (20.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=w5c5m2oq526cf4oiivjffoxdkwd2swc7jkghdfckygj2vawtm7qa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/b745d669d0eebc22f1c8455252bae35587a9585f4a8c71944ac193aa82d367e0

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

rar b745d669d0eebc22f1c8455252bae35587a9585f4a8c71944ac193aa82d367e0

(this sample)

Executable exe 5e05d02584918e7530cc38704666f8c551eb6f58f2853bfd3260500b642135da

  
Dropping
MD5 4f1669a84bf1c5a30d42bd1178131d97
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 5e05d02584918e7530cc38704666f8c551eb6f58f2853bfd3260500b642135da

Comments