MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 126221d30da453634db4953147bfe32b5fd1e1af4187bb425d3714b7f529ecdf. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 1


Intelligence 1 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 126221d30da453634db4953147bfe32b5fd1e1af4187bb425d3714b7f529ecdf
SHA3-384 hash: 4b563e941b21b7c2fa9f29ad9bb2cca4eba4e66c66b0b3aec6af9504654c3e838df78a0936b9085adfa55b3037eb824e
SHA1 hash: 78994b2596f687a4e64e39d92a93b7acd2cbb534
MD5 hash: 8d88e6c50bcdd9d5e4ecbff089e0e3e7
humanhash: bulldog-july-zulu-chicken
File name:8d88e6c50bcdd9d5e4ecbff089e0e3e7.exe
Download: download sample
File size:3'322'891 bytes
First seen:2021-07-27 15:45:25 UTC
Last seen:2021-07-27 16:49:59 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 1f23f452093b5c1ff091a2f9fb4fa3e9 (274 x GuLoader, 36 x RemcosRAT, 23 x AgentTesla)
ssdeep 98304:8vjUSaq4yh/jxV/sU9foEMWfwapxIJ64MNxvvr7:8Y9mjxVUU9Mowap6hMxvj7
Threatray 564 similar samples on MalwareBazaar
TLSH T197F5336137B6DC26EA79067486BBD9F6B624BEC92C20A30367557387B5334035E49FC0
dhash icon a2a9d8f88a88c9c0 (11 x SnakeKeylogger, 4 x RedLineStealer, 4 x AgentTesla)
Reporter abuse_ch
Tags:exe

Intelligence

File Origin
# of uploads :
2
# of downloads :
110
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/174426/
Detection(s):
SecuriteInfo.com.Trojan.CryptZ.Win32.4058.1261.8365.UNOFFICIAL
Create hunting rule

Result
Verdict:
Clean
Maliciousness:

Behaviour
Creating a window
Sending a UDP request
Result
Verdict:
UNKNOWN
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/ed24f3e1-ee27-49a6-8228-fa50de745551
Result
Threat name:
Unknown
Detection:
clean
Classification:
n/a
Score:
4 / 100
Link:
https://www.joesandbox.com/analysis/822559
Behaviour
Behavior Graph:
n/a
Gathering data
Verdict:
unknown
Similar samples:
06573fe2118d10e238ba18f7bfa7e18cbefd6235e3979cdbddbcf31294623bac
0ec18c0168a1ca7416379f6e41d85a8e7fffe28c7c68ef3e9ef1c5c63a4db93b
104d610064164f47bf6c1616c339f84304419cdd79e7d66c5db8dcf59457f82c
2d3675bba3da579b093fd576fca9d1a47a3100d358391b5b7f3a368ee35a69e7
3c167530a131f9dc899b73b9eac971b38e44d41cf291893fde8e575602c2b846
58574a8edd6e1573ac8b4d515c0da8d269bc85bd1e8badd191def36e6257a25c
701f0650f954abf048c29e5d25cfe65caa51f89c0aa6b3fd06348c3d64848396
d00710da453f5aefee1bbfbd1c734ee70b72657b50b2ded25308a24ee14787f5
dc7336231300fc46c3be07afe1cb721f1b1a98f0a4a13029d9bfcabea5619259
e661bc38b20992b846232fd3d6cbe914bb46ae68b39ce7e7a348be2ba5261851
+ 554 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/210727-c8ehp9xsae/
Behaviour
Enumerates physical storage devices
Unpacked files
SH256 hash:
126221d30da453634db4953147bfe32b5fd1e1af4187bb425d3714b7f529ecdf
MD5 hash:
8d88e6c50bcdd9d5e4ecbff089e0e3e7
SHA1 hash:
78994b2596f687a4e64e39d92a93b7acd2cbb534
Link:
https://www.unpac.me/results/6acf8883-04a6-4dec-9efd-2e20b52c76df/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.38
Link:
https://yomi.yoroi.company/submissions/126221d30da453634db4953147bfe32b5fd1e1af4187bb425d3714b7f529ecdf

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe 126221d30da453634db4953147bfe32b5fd1e1af4187bb425d3714b7f529ecdf

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/1478750/
  
Delivery method
Distributed via web download
Cape
Cape
https://www.capesandbox.com/analysis/174426/

Comments