MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 276d61588774f4e6f4a02ac9de8e4434ebdb73af61b2637441a8a8c3d9340572. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Jadtre


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 276d61588774f4e6f4a02ac9de8e4434ebdb73af61b2637441a8a8c3d9340572
SHA3-384 hash: 62acf14438b39def39ec8e85137d362bd583c1f5afa9643d9a56cf75f8cd12504b1ae4e01af17e36fabcd5f4b85d67a4
SHA1 hash: 449b145cd2d4c2fb19e4a97b24edd66dc5f77c85
MD5 hash: 6109a23585a2f3ff7e2e1f2ef9c9a58a
humanhash: montana-nebraska-cola-blue
File name:276d61588774f4e6f4a02ac9de8e4434ebdb73af61b2637441a8a8c3d9340572
Download: download sample
Signature Jadtre
Create hunting rule
File size:27'136 bytes
First seen:2020-11-12 14:12:48 UTC
Last seen:2024-07-24 12:24:05 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 87bed5a7cba00c7e1f4015f1bdae2183 (3'034 x Jadtre, 23 x IcedID, 17 x Blackmoon)
ssdeep 768:hd5u7mNGtyVf4jqQGPL4vzZq2oZ7GsxJiI:hd5z/fMJGCq2w7D
Threatray 326 similar samples on MalwareBazaar
TLSH A5C2D072CE8081FFC0CF3472204511CB9B175A72A56A7867A750981E7DBCDE0DA7A753
Reporter seifreed

Intelligence

File Origin
# of uploads :
2
# of downloads :
50
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
PUA.Win.Packer.Asprotect-3
Create hunting rule

Win.Malware.Vtflooder-6260355-1
Create hunting rule

Win.Malware.Cerbu-9789017-0
Create hunting rule

Result
Verdict:
MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/276d61588774f4e6f4a02ac9de8e4434ebdb73af61b2637441a8a8c3d9340572/
Threat name:
Win32.Virus.Jadtre
Create hunting rule
Status:
Malicious
First seen:
2020-11-12 14:15:13 UTC
AV detection:
28 of 29 (96.55%)
Threat level:
  5/5
Verdict:
malicious
Similar samples:
11fa07e83abc1f3340bc5c7df039f259c52ae1c398bd83b4f3d315dec6dd4ba3
Jadtre
13a99b192d60cdefac800bc85377c85a617f9107e0d68cbf5911fa7845f92546
Jadtre
1d66abdfdcb7679911eab8d1541111695809b8fb867265ad5b53376d1c57e31e
Jadtre
350419bf498342cd348f4d1bc5a3fa5a4873943340bfd495dec462a3fbfa10d8
Jadtre
7bd41098acc4c07cf156dcf57ebf6c5b297c54c6279c1f064e520625cabbeba9
Jadtre
90afc35b2680e2eaf1d68bf2f4f0c845d4ec4a75f5adaaaf945c3e192f4cc05f
Jadtre
9b395e2a28799fe6274d3639fd7d8c124a6706e79562268dd13a5d3d835155f6
Jadtre
eab2a8e1a517dc8b257822bd747c2456002a728fec9f85c6eb8be1dc15dbb729
Jadtre
eb16e3e0221cb70db563310ee0c1fff69bc48e3d9d290d3af5cc51fece49c5aa
Jadtre
ee1058c62329bab4fcb8938d857df47b126d7aa79360a6e96631ff9781f4e48d
Jadtre
+ 316 additional samples on MalwareBazaar
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Vflooder
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/276d61588774f4e6f4a02ac9de8e4434ebdb73af61b2637441a8a8c3d9340572

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments