MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b9c98cc056daf37bba7ebb3faefec34e39e82faca008f166435a083c95f12789. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: b9c98cc056daf37bba7ebb3faefec34e39e82faca008f166435a083c95f12789
SHA3-384 hash: d6cc60979c75297853ce580fb81df2c7ba78db325b196c0cf7471be89a77c439c6a1a471deb92bc1766e478cb0a7dc4a
SHA1 hash: 11d9ca19466b16ceb671befe65f10e577d823bec
MD5 hash: c006ad5dcb001cefac742715615f5e5d
humanhash: east-nitrogen-july-uniform
File name: PO-USD#04072018.r11
Signature: Loki
File size: 193'754 bytes
First seen: 2020-06-30 08:53:44 UTC
Last seen: Never
File type: rar
MIME type: application/x-rar
ssdeep: 3072:vVIEmEMCVRwCi2yYd9LYI6E/KIkwnEsKlItZuGfXssXdnuWtKBEr1HjWM+rhZo/L:vNoCVRXFLLYIdSIkNliYGttnuWgCHQDg
TLSH: 0F1423C41D03F7AFAE4038B0D6236C69F432A3F686F5B91A61C9614A3C46B5575EDC0E
Reporter: @jarumlus
Tags: Loki

Intelligence


Mail intelligence
Trap location: Global, Impact: Medium
Trap location: NL (Netherlands), Impact: Low
# of uploads: 1
# of downloads: 32
Origin country: FR
ClamAV: Sanesecurity.Malware.27572.Rar5Heur.UNOFFICIAL
CERT.PL MWDB:
  Detection: n/a
  Link: https://mwdb.cert.pl/sample/b9c98cc056daf37bba7ebb3faefec34e39e82faca008f166435a083c95f12789/
ReversingLabs:
  Status: Malicious
  Threat name: Win32.Trojan.Hwdndzr
  First seen: 2020-06-30 08:55:05 UTC
  AV detection: 11 of 31 (35.48%)
  Threat level: 2/5
Spamhaus Hash Blocklist: Malicious file
VirusTotal: Virustotal results 8.33%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Loki

rar b9c98cc056daf37bba7ebb3faefec34e39e82faca008f166435a083c95f12789

(this sample)

  
Delivery method: Distributed via e-mail attachment
