MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b877fc9ef1769ee3f788c2da68b077d515c2b8356756e8cab9ececed99bbb7c1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: b877fc9ef1769ee3f788c2da68b077d515c2b8356756e8cab9ececed99bbb7c1
SHA3-384 hash: 9ac603f8b0145cc2b32dc40e3ebad8d555276503b2e986532bd2b3852b311145e9ed8d0bc64fd1f5749ac035b5d78d67
SHA1 hash: a00b7a117c456efbe5238b454faf0f958f3e9549
MD5 hash: bc24b56a1f9b1ff29691859aeb62fa09
humanhash: grey-butter-floor-ack
File name: dridex.ps1
File size: 3'524 bytes
First seen: 2020-09-30 15:50:07 UTC
Last seen: Never
File type: PowerShell (PS) ps1
MIME type: text/plain
ssdeep: 48:Vi2DtJxzyh3CNBTHBprsozAji9LsSvWI7mnnOs2Kf3u07FghSMRIGE+eGna2WBOC:s2LxOI7THuSISwOs2sShdbXEhU8h1NV9
TLSH: 1F711CE5AE36FDC447DA71E90BD3388D21045A53817896F8E70C08D7A628606EF1A7FD
Reporter: JAMESWT_WT
Tags: Dridex ps1

Intelligence


File Origin
# of uploads: 1
# of downloads: 276
Origin country: n/a

Vendor Threat Intelligence
Threat name: Script-PowerShell.Infostealer.Dridex
Status: Malicious
First seen: 2020-09-30 15:49:16 UTC
File Type: Text
AV detection: 9 of 29 (31.03%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments