MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2386084b54b517dff1092496d4d4e5b558cf2ea50d51944bb8ac1f13fa1bbc05. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 7



SHA256 hash: 2386084b54b517dff1092496d4d4e5b558cf2ea50d51944bb8ac1f13fa1bbc05
SHA3-384 hash: 921e5b3b8af746d889dcdfa93f4646cf5b4559ff806e7830f57a6fc23ea2682a8f1a89c9afe9af033c9ea5cb654a3c6b
SHA1 hash: d4f4d0ee949a1aff38de302a3f5aa09749c4d89e
MD5 hash: c14c4c6af1f9c4214691279c2f6fa13c
humanhash: south-bravo-november-equal
File name: SecuriteInfo.com.Trojan.GenericKD.61181694.26250.28901
Signature: n/a
File size: 207'360 bytes
First seen: 2022-08-06 00:14:18 UTC
Last seen: Never
File type: Word file doc
MIME type: application/CDFV2
ssdeep: 3072:O1FlTuC5EDTEEr1+1hkzQ4QKMg7B9Bpk6he6m78UakgaQ+vfr97/Xke:O1FlC2hkBrBiD9zXke
TLSH: T16A1423FE72B07535C52383361A844188D513CD6A171D736215B2B1D66CFB4CAFB3AAAC
Reporter: @SecuriteInfoCom
Tags: doc

Office OLE Information


This malware sample appears to be an Office document. The following table provides more information about this document using oletools and oledump.

OLE dump
Sections: 4

The following OLE sections have been found using oledump:

Section ID    Section size    Section name
1             72 bytes        CompObj
2             20 bytes        Ole
3             202653 bytes    Ole10Native
4             6 bytes         ObjInfo

Intelligence


File Origin
# of uploads: 1
# of downloads: 195
Origin country: FR
Mail intelligence: No data
Vendor Threat Intelligence
Malware family: n/a
ID: 1
File name: SecuriteInfo.com.Trojan.GenericKD.61181694.26250.28901
Verdict: No threats detected
Analysis date: 2022-08-06 00:16:09 UTC
Tags: ole-embedded
Note: ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample

Result
Threat name: Unknown
Detection: malicious
Classification: n/a
Score: 72 / 100
Signature:
  Antivirus / Scanner detection for submitted sample
  Antivirus detection for dropped file
  Document contains OLE streams which likely are hidden ActiveX objects
  Multi AV Scanner detection for submitted file

Threat name: ByteCode-JAVA.Downloader.BanLoad
Status: Malicious
First seen: 2022-08-05 06:13:08 UTC
File Type: Binary (Archive)
Extracted files: 15
AV detection: 11 of 26 (42.31%)
Threat level: 3/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments