MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 06825779a3330fbab4a5a28084ece62188a22d1c8ed1d33700493b16ca9cdb36. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	06825779a3330fbab4a5a28084ece62188a22d1c8ed1d33700493b16ca9cdb36
SHA3-384 hash:	c90b4644b393190520f6783296e74a8550171f7a2ac86a5b396840eeabf127d1fa3cecc5306e19d37b2a4103c7b0e169
SHA1 hash:	dda2caf6b5fa923b855730ac43ca658d95237414
MD5 hash:	6cf7abbebb1d4643d152cbff637fd9d1
humanhash:	mobile-nineteen-nuts-three
File name:	s.dot
Download:	download sample
File size:	10'397 bytes
First seen:	2021-05-07 12:46:53 UTC
Last seen:	Never
File type:	unknown
MIME type:	application/octet-stream
ssdeep	192:uKq5TnsWV2h8pPyh1+KMs79ghXBBznnHEPSiMvl8nRtrLt3Z/WrnfO:U5sWuyyrj98XfnnkZal8nR5539gO
TLSH	68226D9CB6551B69DFAA73E08177DA2801CC7C3873D120753ABC27A267A773A53140E5
Reporter	info_sec_ca
Tags:	CVE-2017-11882 dot

Intelligence

File Origin

# of uploads :

1

# of downloads :

84

Origin country :

n/a

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Spam-473.UNOFFICIAL

Sanesecurity.Malware.27333.RtfHeur.BadVer.UNOFFICIAL

SecuriteInfo.com.FakeRTF-1.UNOFFICIAL

Sanesecurity.Malware.26244.RtfHeur.UNOFFICIAL

MiscreantPunch.RTF.EvilRTF.CVE-2017-0199-Obfus.UNOFFICIAL

TwinWave.EvilDoc.RTFFakeVersionWithObjUpdateUKSurfMix.20200514.UNOFFICIAL

Result

Verdict:

MALICIOUS

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/06825779a3330fbab4a5a28084ece62188a22d1c8ed1d33700493b16ca9cdb36/

Threat name:

Document-RTF.Exploit.CVE-2017-11882

Status:

Malicious

First seen:

2021-05-07 12:47:12 UTC

AV detection:

19 of 46 (41.30%)

Threat level:

5/5

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/06825779a3330fbab4a5a28084ece62188a22d1c8ed1d33700493b16ca9cdb36

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

unknown 06825779a3330fbab4a5a28084ece62188a22d1c8ed1d33700493b16ca9cdb36

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/1204678/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample