MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5
SHA3-384 hash: bdef11246d5b9507930800b136c0e1cda16da4f3f936fd5e9c05784f0aa1aec6a9aedaa37bf7967a861e338731d57369
SHA1 hash: d25340ae8e92a6d29f599fef426a2bc1b5217299
MD5 hash: 0c0195c48b6b8582fa6f6373032118da
humanhash: yankee-march-william-jersey
File name:WR64.sys
Download: download sample
File size:14'544 bytes
First seen:2021-08-06 13:08:42 UTC
Last seen:2025-03-28 15:08:06 UTC
File type: sys
MIME type:application/x-dosexec
imphash d41fa95d4642dc981f10de36f4dc8cd7
ssdeep 192:nqjKhp+GQvzj3i+5T9oGYJh1wAoxhSF6OOoe068jSJUbueq1H2PIP0:qjKL+v/y+5TWGYOf2OJ06dUb+pQ
Threatray 106 similar samples on MalwareBazaar
TLSH T1096218874B7E1906FB969F7592E9C7936D34F6C0CFA825CF421299982C413E0AF2861C
Reporter James_inthe_box
Tags:signed sys VulnDriver

Code Signing Certificate

Organisation:Noriyuki MIYAZAKI
Issuer:GlobalSign ObjectSign CA
Algorithm:sha1WithRSAEncryption
Valid from:2007-09-24T10:50:55Z
Valid to:2008-09-24T10:50:55Z
Serial number: 01000000000115372421a8
Thumbprint Algorithm:SHA256
Thumbprint: 2ad31bfcb4b28f2051767a3812da4913336a95cf614a9af79db439a278ea8f50
Source:This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence

File Origin
# of uploads :
11
# of downloads :
246
Origin country :
n/a
Vendor Threat Intelligence

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments