MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f238131f36f1b82d116b5792755d54358b7106702ae4edae3bcada98253081d4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SHA256 hash: f238131f36f1b82d116b5792755d54358b7106702ae4edae3bcada98253081d4
SHA3-384 hash: d493c1b11a1c5396aefa8e171cfe3240007ca128038b02c5c155db1b1fc68b6211ff437ce4a5367683c2f732e901ee74
SHA1 hash: 72f0355b5f86a8df321f2a0dd444e33724f08706
MD5 hash: 56c38fe87bf8aaea71a6bf0925b662e4
humanhash: mountain-winner-alabama-whiskey
Signature: Loki
File size: 349'591 bytes
First seen: 2020-06-30 06:12:48 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 6144:GZq//9gNXxSZ9IZuQ5YAJGVaPyvf/+EWFje+EVALkF2EljhxFH4iXO:2q/CNh69IZu41JeyYXWFa/6k9RXe
TLSH: 3C74231503799874BE8D34E6221DA2C5AF8BA1450A3F1DEFC2D9367E52D00AD2749FE3
Reporter: @jarumlus


Mail intelligence
Trap location (Impact):
  Global: High
  CH Switzerland: Low
  IT Italy: Low
  NL Netherlands: Low
# of uploads: 1
# of downloads: 28
Origin country: US
ClamAV: PUA.Win.Adware.Slugin-6803969-0
CERT.PL MWDB Detection: n/a
ReversingLabs:
  Status: Malicious
  Threat name: Win32.Trojan.Injector
  First seen: 2020-06-30 01:51:09 UTC
  AV detection: 22 of 30 (73.33%)
  Threat level: 5/5
Spamhaus Hash Blocklist: Suspicious file
VirusTotal: Virustotal results 33.33%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



zip f238131f36f1b82d116b5792755d54358b7106702ae4edae3bcada98253081d4 (this sample)

Delivery method: Distributed via e-mail attachment