MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 08c0f4831d9f0e3d57fbb7290e5fde4a50598b50676f76aaee3db9c079d500bc. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 08c0f4831d9f0e3d57fbb7290e5fde4a50598b50676f76aaee3db9c079d500bc
SHA3-384 hash: 6ae8465ce63ca83ffe08164595255a38a944507cbc583e3420ae358bbaebf098992519b7124a192dce5ee9e483db7d0f
SHA1 hash: 7515d1f12fa6a8ca1f085915e5a0e316fbe1332e
MD5 hash: 28b568e034c39c674f71c621dbe251ae
humanhash: autumn-winter-apart-robert
File name:08c0f4831d9f0e3d57fbb7290e5fde4a50598b50676f76aaee3db9c079d500bc
Download: download sample
File size:324'608 bytes
First seen:2020-06-10 07:53:18 UTC
Last seen:2020-06-10 09:18:30 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 18aee7cc80e48017bb06b13550617d1d (1 x BlackShades)
ssdeep 6144:QVmD7BS5uuiW5Q2J1KaHBcw8atffbeGZUwCpR2kyHw6FdyaweCoS:wmhScu5IqBcw82vUweQQ6FcoS
Threatray 6 similar samples on MalwareBazaar
TLSH AE642315F2319383D8D71635F8B20E273899B56E43565023EA2D600FED40B76BBDCE9A
Reporter JAMESWT_WT

Intelligence

File Origin
# of uploads :
2
# of downloads :
66
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
PUA.Win.Packer.Upx-4
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Wacatac
Create hunting rule
Status:
Malicious
First seen:
2020-06-02 22:53:03 UTC
File Type:
PE (Exe)
AV detection:
22 of 26 (84.62%)
Threat level:
  5/5
Verdict:
malicious
Similar samples:
6a18ff52d179fa32975ac72f36ae60abe5f7ac754e5ad616cbd375127b2904c6
6cf91b93dd7a3a6aca9878a5cf252af90000628486161243a086d6477d5d1f04
8e7116f27e8c84422d2d5612765b45166a1a1144774a52e5107d74a7884e758f
91e6f72cd4a4721915609abef27afcb72f170739c51384332da3cb6a8bb8f150
ce9d8545eb14f98f81526457b784ada2e37057dae2d74f625e47b4ed10549397
fe1330ade7fc1f8722e4aeabe15b57c1ff3d18b483dd273fe1df7cef3e27f8bf
Result
Malware family:
n/a
Score:
  8/10
Tags:
upx
Link:
https://tria.ge/reports/201109-hpfaexpyqx/
Behaviour
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments