MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c6cfb034a82e6e4fa018dd063e7e91e47f4034248b6ad90b62219e3c367a3673. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



RemoteManipulator


Vendor detections: 5



SHA256 hash: c6cfb034a82e6e4fa018dd063e7e91e47f4034248b6ad90b62219e3c367a3673
SHA3-384 hash: f8d1f0f5dff3500f36cb7e20bce39bc8e038b74d881b6dae1f74f3b1c773e64eb0e3fdc5d1cdc26d88e5431fc980d9fd
SHA1 hash: e1f19599ea001f2f7ee8d336edb7b114e0ef437e
MD5 hash: ceb5fbc654f39a7b9ea9c62eeecdfa19
humanhash: colorado-green-burger-uranus
File name: uxtheme.bin
Signature: RemoteManipulator
File size: 47'980 bytes
First seen: 2021-02-23 08:18:13 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: a55cf28123aec4893f9cb49d5e6312dd
ssdeep: 384:9wbmN5sAYR04+ePkZz3oKxpfEqTIY5Fv4iBKflxMrdFPV7PxbTEcAAPrFMQlYjL:9gAs/cZz3DfEqTIYv4gKNwFPxPe5
Threatray: 34 similar samples on MalwareBazaar
TLSH: 9223A4943ED49CDBEB24823D41FAC332667DB5D047534B43AA34AA320F12BE17AD5786
Reporter: @JAMESWT_MHT
Tags: dll Remote Manipulator System RemoteManipulator

Intelligence


File Origin
# of uploads :
1
# of downloads :
70
Origin country :
IT
Mail intelligence
No data
Vendor Threat Intelligence
ID:
1
File name:
ddca8f9d05aa07e903b71aa9823252962f91d0a192b79e346f8a51f39fb9212d
Verdict:
Malicious activity
Analysis date:
2021-02-23 08:14:24 UTC
Tags:
installer

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Result
Verdict:
Clean
Maliciousness:

Behaviour
Sending a UDP request
Result
Verdict:
UNKNOWN
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Result
Threat name:
Unknown
Detection:
clean
Classification:
n/a
Score:
2 / 100
Behaviour
Behavior Graph:
n/a
Threat name:
n/a
Status:
Benign
First seen:
2021-02-20 17:08:00 UTC
File Type:
PE+ (Dll)
AV detection:
1 of 48 (2.08%)
Trust factor
5/5
Result
Malware family:
n/a
Score:
1/10
Tags:
n/a
Unpacked files
SHA256 hash:
c6cfb034a82e6e4fa018dd063e7e91e47f4034248b6ad90b62219e3c367a3673
MD5 hash:
ceb5fbc654f39a7b9ea9c62eeecdfa19
SHA1 hash:
e1f19599ea001f2f7ee8d336edb7b114e0ef437e
Threat name:
Malicious File
Score:
1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments