MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0a48c61922cd5b6f13258f87eb9616f9a6b4a69ceb0904bcdd548edb97a81de6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0a48c61922cd5b6f13258f87eb9616f9a6b4a69ceb0904bcdd548edb97a81de6
SHA3-384 hash: 8c33da5ed7f141e583df64830dbaef3e1b8fcb324399b96954f17820209e38d5d4890944a307ee7d26b1229d43f5a580
SHA1 hash: 655d00504ed17f294086b95be228ac36bb86c3db
MD5 hash: 7b1c807bcb878c92f218971c83e34204
humanhash: fish-paris-king-blue
File name:7b1c807bcb878c92f218971c83e34204
Download: download sample
File size:76'288 bytes
First seen:2020-11-17 12:23:16 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744 (48'657 x AgentTesla, 19'469 x Formbook, 12'208 x SnakeKeylogger)
ssdeep 1536:Nj9fXhmzPCOgLeBn0k6NxHhx5OfgFc6mNQhoUqRTGE27p6WP:/RGg6FmHhxAfgFc6GQVYTw7FP
Threatray 37 similar samples on MalwareBazaar
TLSH 9873BE58234DDF23C5EE437A84E3336246B9CD6B8A87F74F68542215AD313DA90D2A1B
Reporter seifreed

Intelligence

File Origin
# of uploads :
1
# of downloads :
50
Origin country :
n/a
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Sending a UDP request
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/0a48c61922cd5b6f13258f87eb9616f9a6b4a69ceb0904bcdd548edb97a81de6/
Threat name:
ByteCode-MSIL.Backdoor.Bladabhindi
Create hunting rule
Status:
Malicious
First seen:
2017-06-18 17:34:52 UTC
AV detection:
24 of 29 (82.76%)
Threat level:
  5/5
Verdict:
malicious
Similar samples:
1cef46cbb22cfda50b0e93dadedfb09f511b80e802d239270c96954a38d11f28
25dd98cbd230e272bb55aaf5acd0f6cb0e8ec897ec5c0684b5308a0022af175f
394460b6c0b33b4e5d45308e968e765627fb9f34d4ad8c51b8922543d6bf2490
4de20c38ffff3f9d75d9a446f152c017d9010477c28c8b97875f95f448ecb761
4ece7a3cd6313c022ce3d30028a8af4f4f4da6a35efcddb8136b4bb5520fdb21
9c30836b7e26dc68f2f9299a1014cfda6fd1446b9938d559c82aa6462b5fcab9
a8883460eb4eda4b981767c15ae6fadf5dd2c5ff7d8d8325b417bbdf71dece1a
c1c3399ed911782ec14180a857a48231f7e3182dd9340ed6308b9a70cacc2885
d7789d465be563d19b1ade313c83023363379649f935e333e16643eec1bc150e
f508afb3a24ea2a3865ef48de1c0f2886ac26641ea6c517c727041e11a15e886
+ 27 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/201117-efqnekkvjj/
Behaviour
Suspicious behavior: GetForegroundWindowSpam
Unpacked files
SH256 hash:
0a48c61922cd5b6f13258f87eb9616f9a6b4a69ceb0904bcdd548edb97a81de6
MD5 hash:
7b1c807bcb878c92f218971c83e34204
SHA1 hash:
655d00504ed17f294086b95be228ac36bb86c3db
Link:
https://www.unpac.me/results/0ed88a94-f28a-4829-b698-f884f01d4955/
SH256 hash:
910aba97a190a41a13baa7f3591549599d1ccbe10115bac35dfc86751f173392
MD5 hash:
19ea2a0f3ee16c75ed569bde83c9e63c
SHA1 hash:
2aadb518dd577addaafac1c7b67f49afa8080e19
Link:
https://www.unpac.me/results/0ed88a94-f28a-4829-b698-f884f01d4955/
SH256 hash:
94cbf02f102ae6a92ea97fbd81e7950b03a0dfd1976fb2ae9461dcfb605ceca0
MD5 hash:
f5a681ef9ca03e3818b14409a37c8607
SHA1 hash:
79c9b92823cf1edc87ca80841d00fe454b15ca15
Link:
https://www.unpac.me/results/0ed88a94-f28a-4829-b698-f884f01d4955/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments