MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 01aa2cf8db4badde36f1896d341e31c0fe91a51772f1aa50b9f59ba368973993. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information 1 Yara Comments

SHA256 hash: 01aa2cf8db4badde36f1896d341e31c0fe91a51772f1aa50b9f59ba368973993
SHA3-384 hash: 84eb4e4d2d0ea981f56ce7931a3cb94cc915f14dabd31650f743eeedf5ef58ead305a9d72ef679d5bacdf15064f18d2d
SHA1 hash: 497985116f4ebaa05f1774c16adb5aa52b8e9756
MD5 hash: f8290f2d593a05ea811edbd3bff6eacc
humanhash: nineteen-wisconsin-one-carolina
File name:1.exe
Download: download sample
Signature n/a
File size:2'108'248 bytes
First seen:2020-06-30 12:30:00 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 50a420668550f98372c95025cc500359
ssdeep 24576:AxT2+3dmY7FF1JLurH0q7kRZLJn0A0ffqN3CzPtakNLIE4GPoyP:f+NmY7FFHurUayLLKCdCzPtFZb
TLSH 54A5AD90A956CEBED0AC2175E0EC8F0750A2F9254F074B9B7A481C213BB2D93E5E535F


Mail intelligence No data
# of uploads 1
# of downloads 32
Origin country IT IT
CAPE Sandbox Detection:n/a
ClamAV No detection
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Encoder
First seen:2020-06-30 12:30:43 UTC
AV detection:25 of 31 (80.65%)
Threat level:   5/5
Hatching Triage Score:   10/10
Malware Family:n/a
Tags:ransomware evasion trojan persistence
VirusTotal:Virustotal results 26.03%

File information

The table below shows additional information about this malware sample such as delivery method and external references.