MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 137308647b511d0cc1346fd052eaca8af0520bbd7bc8a9664e28df4f02c754b9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


NanoCore


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 137308647b511d0cc1346fd052eaca8af0520bbd7bc8a9664e28df4f02c754b9
SHA3-384 hash: 8b6f638685d0a383c72c3183443ebe5df6d46b6b6da6e080e13458f3b60356ff667f58603140b76c265bffb454554099
SHA1 hash: c853be0efca37aab2d0e2c8bdea9c5240659d4e9
MD5 hash: 8d1b7606d35905d212df9ff551447e02
humanhash: earth-potato-item-thirteen
File name:BL COPY.r05
Download: download sample
Signature NanoCore
Create hunting rule
File size:323'497 bytes
First seen:2020-08-03 09:25:34 UTC
Last seen:Never
File type: r05
MIME type:application/x-rar
ssdeep 6144:d+ozYquO50EByvKyVLwe1DZuNq+kHFkHVkEJW:s3GGzvKyVLpDYqjuHLs
TLSH AC642338F47AFB1807EB908BD1A916EA0DEDC1FC201A9D9CD43430B973B41695D6299F
Reporter jarumlus
Tags:NanoCore

Intelligence

File Origin
# of uploads :
1
# of downloads :
75
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Rogue.0hr.20200803-0839.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/137308647b511d0cc1346fd052eaca8af0520bbd7bc8a9664e28df4f02c754b9/
Threat name:
ByteCode-MSIL.Trojan.Quasar
Create hunting rule
Status:
Malicious
First seen:
2020-08-03 09:27:05 UTC
AV detection:
14 of 29 (48.28%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=cnzqqzd3keoqzqjun7iff2wkrlyfec55ppekszsofdpu6awhks4q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/137308647b511d0cc1346fd052eaca8af0520bbd7bc8a9664e28df4f02c754b9

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

NanoCore

r05 137308647b511d0cc1346fd052eaca8af0520bbd7bc8a9664e28df4f02c754b9

(this sample)

NanoCore

Executable exe 61ce5023167c9a25d41656e8bd12b05769fac072fc6edf6024641ae2c77c8ece

  
Dropped by
NanoCore
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 61ce5023167c9a25d41656e8bd12b05769fac072fc6edf6024641ae2c77c8ece
  
Dropping
MD5 8fffb7619b8621a8e71a5f4c0337db89

Comments