MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f1633bd40720160fcf66356a89c6db3b46a6036da06962c0de4a6ac06e4529ac. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 2 File information 1 Yara Comments

SHA256 hash: f1633bd40720160fcf66356a89c6db3b46a6036da06962c0de4a6ac06e4529ac
SHA3-384 hash: 46d7d93f09a958489d661e78e62e684133539b89b0282b499e95aac090f1d580fac5a7281e0c2c98cd78a4c83b2ac08a
SHA1 hash: e9c5f83a9013bc0f8953445f9feda48084c6bd92
MD5 hash: b57d6f06b684bf0d84b5e41065f059e2
humanhash: fifteen-happy-uncle-mockingbird
File name:InvoiceNum-03420370238.zip
Download: download sample
Signature n/a
File size:263'364 bytes
First seen:2020-06-30 08:29:52 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 6144:diJw+29MDY7ZQdWgo6BVQzmYJwU0hUbWBE5S0cj:dsx29Mk7ZQdKz/JwU0heGsS0g
TLSH FC44232EE0A2E37B4DCD7E94F191DD728258763B9C3B6C250A17B7281232172DE0AD46
Reporter @jarumlus

Intelligence


Mail intelligence
Trap location Impact
Global Medium
# of uploads 1
# of downloads 26
Origin country US US
ClamAV SecuriteInfo.com.JS.Obfus-2119.UNOFFICIAL
TwinWave.EvilDoc.DridexBrokenWings.20200508.UNOFFICIAL
TwinWave.EvilDoc.DOCXRSTRGOOD.WSCRIPT.SHELL.200129.UNOFFICIAL
CERT.PL MWDB Detection:n/a
Link: https://mwdb.cert.pl/sample/f1633bd40720160fcf66356a89c6db3b46a6036da06962c0de4a6ac06e4529ac/
ReversingLabs :Status:Malicious
Threat name:Document-Word.Trojan.Rdn
First seen:2020-06-29 12:44:45 UTC
AV detection:13 of 30 (43.33%)
Threat level:   2/5
Spamhaus Hash Blocklist :Suspicious file
VirusTotal:Virustotal results 23.81%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

zip f1633bd40720160fcf66356a89c6db3b46a6036da06962c0de4a6ac06e4529ac

(this sample)

  
Delivery method
Distributed via e-mail attachment

Comments