MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f3d212c5db0dd27e3ab89df542dfea07249dc31d7ef769add18a655f15becef0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information Yara 1 Comments

SHA256 hash: f3d212c5db0dd27e3ab89df542dfea07249dc31d7ef769add18a655f15becef0
SHA3-384 hash: 0e5e87562b473620529b5e800c44c5f86706d89fd5afe245921fcc06af3fb6456caeeccdafccd7c52d59f7a6a93d6458
SHA1 hash: 6d7236322b7ad4b6b708a6197f6c0cb4b9ed9e78
MD5 hash: 646d8359ec26e1c269f4c7941f6687cb
humanhash: mirror-nevada-colorado-white
File name:form_0017808412.xls
Download: download sample
Signature n/a
File size:499'200 bytes
First seen:2020-07-31 10:04:20 UTC
Last seen:Never
File type:Excel file xls
MIME type:application/vnd.ms-excel
ssdeep 12288:mJMQCdFNGwTGuobHiDudfEo1/tEAkkToT/B:zQga6KSumwVEAkn/B
TLSH 98B4232639E6AB03D37B083D19910730AB23EF812217C99F97723556EE3AF44774257A
Reporter @0xCARNAGE


Twitter
@0xCARNAGE
Password is 'excel'

Intelligence


File Origin
# of uploads :
1
# of downloads :
32
Origin country :
US US
Mail intelligence
No data
Vendor Threat Intelligence
Result
Threat name:
Hidden Macro 4.0
Detection:
suspicious
Classification:
expl
Score:
21 / 100
Signature
a
b
c
d
e
h
i
l
m
o
p
r
s
t
w
x
Y
Behaviour
Behavior Graph:
Threat name:
n/a
Status:
Benign
First seen:
2020-07-31 10:06:07 UTC
AV detection:
3 of 48 (6.25%)
Trust factor
  5/5
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Behaviour
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SetWindowsHookEx
Suspicious behavior: AddClipboardFormatListener
Enumerates system info in registry
Checks processor information in registry
Suspicious use of SetWindowsHookEx
Threat name:
Legit
Score:
0.06

Yara Signatures


Rule name:SharedStrings
Author:Katie Kleemola
Description:Internal names found in LURK0/CCTV0 samples

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Excel file xls f3d212c5db0dd27e3ab89df542dfea07249dc31d7ef769add18a655f15becef0

(this sample)

  
Delivery method
Distributed via e-mail attachment

Comments