MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 124e2a5c148fc786dc09802d3be33c2ea3e48b418abd3dee84ea9e7f2dbd924a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Jadtre


Vendor detections: 5



SHA256 hash: 124e2a5c148fc786dc09802d3be33c2ea3e48b418abd3dee84ea9e7f2dbd924a
SHA3-384 hash: 6acb65c6f70c1a09ae40d72afc961593f5d9836beeef5471942c61b46e2aaf49b44e3ef5d6a8acbd292b8e6ed8cfb294
SHA1 hash: 964eb8cd00175170660cebd315cdef472b7f760d
MD5 hash: 64155c69249e64064249ba86296f3702
humanhash: virginia-potato-jersey-sink
File name: afe50bf21335580bc3a5a4e249608a3e
Signature: Jadtre
File size: 27'136 bytes
First seen: 2020-11-17 15:13:33 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 87bed5a7cba00c7e1f4015f1bdae2183 (3'034 x Jadtre, 23 x IcedID, 17 x Blackmoon)
ssdeep: 768:Hd5u7mNGtyVfj4xQGPL4vzZq2oZ7GTxRW0P:Hd5z/fjLGCq2w7b
Threatray: 1'149 similar samples on MalwareBazaar
TLSH: 2DC2D072CE8080FFC0CB3471204522DB9B575A7265AA7867A710981E7DBCDD0D976753
Reporter: seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 57
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware

Behaviour
Creating a file in the %temp% directory
Sending a UDP request
Creating a process from a recently created file
Creating a window
Changing an executable file
DNS request
Connection attempt
Sending an HTTP POST request
Modifying an executable file
Creating a file
Running batch commands
Creating a process with a hidden window
Connection attempt to an infection source
Infecting executable files
Threat name: Win32.Virus.Jadtre
Status: Malicious
First seen: 2020-11-17 15:22:17 UTC
AV detection: 39 of 48 (81.25%)
Threat level: 5/5
Unpacked files
SHA256 hash: 124e2a5c148fc786dc09802d3be33c2ea3e48b418abd3dee84ea9e7f2dbd924a
MD5 hash: 64155c69249e64064249ba86296f3702
SHA1 hash: 964eb8cd00175170660cebd315cdef472b7f760d

SHA256 hash: 7db9554146d97203b1ec90b4a341796f8b4b5ca70d86a17f7737d88bb2ff30bc
MD5 hash: 6a7489014fc865c0b32ea03c27598351
SHA1 hash: 831ee56a2703d9d4019c47ee03f46884e2d25124
Detections: win_unidentified_045_g0, win_unidentified_045_auto
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other

Comments