MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 eb76c8ea9c1857530e537b318eeac0781f7bbc68ad9e0152bcb2db5a8af71d97. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 1 File information 2 Yara Comments

SHA256 hash: eb76c8ea9c1857530e537b318eeac0781f7bbc68ad9e0152bcb2db5a8af71d97
SHA3-384 hash: 77099c4e95913253298148d84dc3dff0c974d7092a7461020e1b6ebfe1f3de379da58ce51fe6bb2b9e99e472453ae998
SHA1 hash: 558fa0ea8e2ea1c3c6b618789a88081eebeeab4c
MD5 hash: 9f4c61b914d5174226a6591f9e9a2a48
humanhash: enemy-snake-spaghetti-leopard
File name:fattura.jar
Download: download sample
Signature Adwind
File size:227'585 bytes
First seen:2020-06-29 18:09:47 UTC
Last seen:Never
File type:Java file jar
MIME type:application/zip
ssdeep 6144:LFcSRd67W3DlWP99xukGpvMjIkqiPsw6VqVRu:LFgW3E9xZivMNqaVG
TLSH 1024133DC5EEC0A6024E97F7359A03D1FAD92D872EE2757778A07638C6E449B02D49C8
Reporter @abuse_ch
Tags:Adwind jar RAT

Intelligence


Mail intelligence No data
# of uploads 1
# of downloads 40
Origin country US US
CAPE Sandbox Detection:n/a
Link: https://www.capesandbox.com/analysis/16559/
ClamAV No detection
CERT.PL MWDB Detection:n/a
Link: https://mwdb.cert.pl/sample/eb76c8ea9c1857530e537b318eeac0781f7bbc68ad9e0152bcb2db5a8af71d97/
ReversingLabs :Status:Malicious
Threat name:Script-VBS.Downloader.Fdyd
First seen:2020-06-29 18:11:03 UTC
AV detection:13 of 48 (27.08%)
Threat level:   3/5
Spamhaus Hash Blocklist :Suspicious file
Hatching Triage Score:   8/10
Malware Family:n/a
Link: https://tria.ge/reports/200629-2j614bdbax/
Tags:persistence
VirusTotal:No data

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Adwind

Java file jar eb76c8ea9c1857530e537b318eeac0781f7bbc68ad9e0152bcb2db5a8af71d97

(this sample)

  
Delivery method
Distributed via e-mail attachment

Comments