MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0a724325d6c34ee680d393db2ab074eb37c5c9c1cd5985e51382d275d97daa10. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0a724325d6c34ee680d393db2ab074eb37c5c9c1cd5985e51382d275d97daa10
SHA3-384 hash: 3d8b195bb30a017e8765afe903866e3eae1ced226a789d61a789fb91e934454766ff6f415e7d44d193c6a4e567654f06
SHA1 hash: 1c078e47aaa023a74bf16c7ba48005f36b742167
MD5 hash: eb24a5753a0581230142f70aca096690
humanhash: oklahoma-california-autumn-cola
File name:manager.ps1
Download: download sample
File size:1'378 bytes
First seen:2020-07-16 06:44:39 UTC
Last seen:Never
File type:PowerShell (PS) ps1
MIME type:text/plain
ssdeep 24:G2FXpWVBz1SnWgaH8VJ/psHkBqEupQlHoZ2k32PKgKioRtGPkvSrf4:zUVBzGWgaH8/CHE9HoMK2P7URtGPESrQ
TLSH E821053CDBD1AED8A7ABB0C4095D3B06209DDB17BA229F2CFAC104A7853811D8E31198
Reporter JAMESWT_WT
Tags:OrcusRAT

Intelligence

File Origin
# of uploads :
1
# of downloads :
1'944
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.CL.Downloadergen12.4571.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/0a724325d6c34ee680d393db2ab074eb37c5c9c1cd5985e51382d275d97daa10/
Threat name:
Script-PowerShell.Spyware.Negasteal
Create hunting rule
Status:
Malicious
First seen:
2020-06-09 14:31:34 UTC
File Type:
Text
AV detection:
4 of 29 (13.79%)
Threat level:
  2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments