MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 13a8b26ffba5f7b831e6d3ac6ab56f7aeae3e94396ea66fcc949acd12aaae8a8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 13a8b26ffba5f7b831e6d3ac6ab56f7aeae3e94396ea66fcc949acd12aaae8a8
SHA3-384 hash: 0dc9f560771c6dfde895329b5f54da1222289555d2c7586f2c9a1b5890a7fcdae9552f11ad62a7a265d4f7570d34fd19
SHA1 hash: 50e0750165d36d44f81d6ca90f71859c5d84054c
MD5 hash: 79343a4cdb97723d3b6ec3a15f08f0b1
humanhash: lemon-illinois-finch-eleven
File name:SecuriteInfo.com.MSIL.Kryptik.WFT.29579
Download: download sample
File size:8'705 bytes
First seen:2020-06-08 17:18:52 UTC
Last seen:Never
File type:DLL dll
MIME type:application/x-dosexec
imphash dae02f32a21e03ce65412f6e56942daa (123 x YellowCockatoo, 60 x CobaltStrike, 44 x JanelaRAT)
ssdeep 96:DfHpg4ejck37mdtp1406AwbQwt/KOi9ckPtHY8GotqY5zNt:DfHpgZjcc6dtp1QDbQwtcc+48GuJ7
Threatray 53 similar samples on MalwareBazaar
TLSH 8B02C61633EC8336F9770F7A9CB347111678FB51DD6BD76E2884231D1E626900A22FA5
Reporter SecuriteInfoCom

Intelligence

File Origin
# of uploads :
1
# of downloads :
73
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.MSIL.Kryptik.WFT.29579.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-06-08 17:20:06 UTC
AV detection:
19 of 31 (61.29%)
Threat level:
  5/5
Verdict:
malicious
Similar samples:
3ac5ff1bb66fd3575cda9547d9ffcab8885679816cea32e62fd103c3468b0f23
41103f32f247ba744a8fbe17deac4bd26aeba323f3161e44adc35f8dd81ce4d3
4f86175e5500be87cc95ea9fcaf565970e15a86b2aa3223f8ef8d25e72cec376
7268dd8871868cdfdd50ab0e34373d094c8864494f7b3dff88dd01b191d6595c
77ee7b0a10f3c0ab08c1b1f88ceb0dd979e9c2fee17ac5fd14c9ce27002f6078
a6e9d6c145668c4fc6e6dbd3d1fe4bc394211d9c09d31c12730ceddf3e5056be
b67913449618756dcc815a242a270257cce4d5ae71911bb6716bdecc2f1c0c7f
c5c5e59bb18bad1427714d0007b676e658d8e08faf5a0632ed88912f5816d525
daf5fb094685e539b734678789da31bb003a3e4000a29c651d6bf93483fdc021
f995acc1e58ca81ea8033fa49e5e030eb5108cf87e3a3e60c4c1c60bdb8f8dbd
+ 43 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  9/10
Tags:
n/a
Link:
https://tria.ge/reports/201109-ag9mjxk8me/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments