MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 11794b05c587f4bf89a301c7eedacc64e7e827699203515c86b6bc5dfbfad31c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 11794b05c587f4bf89a301c7eedacc64e7e827699203515c86b6bc5dfbfad31c
SHA3-384 hash: 1d95b866197e78ef6dfc4c2c5654c37c93c13486ff0d4afcab16f78c2341487c38955b866098a53816fe14ca22983b85
SHA1 hash: 97d14636268808809362158fafc4de4e9aa0fc72
MD5 hash: 0073ef2af178af5e166157c6504e072f
humanhash: dakota-kentucky-texas-carbon
File name:Notificación de crédito.gz
Download: download sample
File size:714'712 bytes
First seen:2020-10-07 05:06:46 UTC
Last seen:Never
File type: gz
MIME type:application/x-rar
ssdeep 12288:JUqlY4pPYFFxdjaPura01fRQMoXbWrHDFGkM0a/Go4vsAXmUdkfinj:JU2pPYF56u5YSrj1cyvCUKqj
TLSH 25E423ED18ED5CBB00E9618721E98492ED6D9B5D10BE2F8B90DFC1C04B5F60EC5AB894
Reporter abuse_ch
Tags:BBVA ESP geo gz


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: vps.scripturnm.com
Sending IP: 45.95.169.112
From: BANCO BBVA <advice@bbva.mx>
Reply-To: advice@bbva.mx
Subject: BANCO BBVA - Notificación de crédito
Attachment: Notificación de crédito.gz (contains "EFVEXtJ4LsJ6SQr.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
101
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/11794b05c587f4bf89a301c7eedacc64e7e827699203515c86b6bc5dfbfad31c/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=cf4uwbofq72l7cndahd65wwmmtt6qj3jsibvcxegw26f36722moa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/11794b05c587f4bf89a301c7eedacc64e7e827699203515c86b6bc5dfbfad31c

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

gz 11794b05c587f4bf89a301c7eedacc64e7e827699203515c86b6bc5dfbfad31c

(this sample)

Executable exe 9ac5f5f0d1ff8fb95c1586059a20596cbcb04c4bde70c5d753798d4fae6f9837

  
Dropping
MD5 733819c0857fac5393389bf5e7c98bc7
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 9ac5f5f0d1ff8fb95c1586059a20596cbcb04c4bde70c5d753798d4fae6f9837

Comments