MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2a214959e1a85a4d11444053d4262961ee29e2cc53c3f4ae8f1a59152e5d67f3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 2a214959e1a85a4d11444053d4262961ee29e2cc53c3f4ae8f1a59152e5d67f3
SHA3-384 hash: 8a6056c14330656be41016668d188c7d4548cf74d0ba99ede3f3014603686c8bf8d0376acdb033ea1ff24ee46a0284ec
SHA1 hash: 11acecc64500fc1e0873fce237b469e78de90d6f
MD5 hash: 1c842a1a8616759b714c29c660815bd3
humanhash: finch-yankee-cat-emma
File name:SecuriteInfo.com.Trojan.Spambot.15361.18134.11649
Download: download sample
File size:999'424 bytes
First seen:2020-06-17 05:49:12 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 8ccf52147cee2a4e9f9dd7fecb388e49
ssdeep 24576:Y0//UWPnFk58uca77ntG8nNcHO7ULuWztCngtAuQY:YgD/G5FTntXNcgwkgo
Threatray 63 similar samples on MalwareBazaar
TLSH 1525235189D4866AE100387E9427F131B52FBE46753E5622BFC82F9FF53E3461B1E222
Reporter SecuriteInfoCom

Intelligence

File Origin
# of uploads :
1
# of downloads :
65
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/19059/
Detection(s):
PUA.Win.Packer.Upx-4
Create hunting rule

SecuriteInfo.com.Trojan.Spambot.15361.18134.11649.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
Win32.PUA.FlyStudio
Create hunting rule
Status:
Malicious
First seen:
2017-07-22 20:08:00 UTC
AV detection:
21 of 31 (67.74%)
Threat level:
  1/5
Verdict:
malicious
Similar samples:
1495a59a2300245b0c8cfdfe2e467de7f79a4d287e10e9119a96cdac0a1b7c5b
369fc40113a588ab1916d537d07b1151ea60bbb4f5d1a7f2de841b94791a2d11
4c19c15867d67267bd79c9304bcdfb4ddb894b4d79cf6e127ba4336ad67ba884
4eb372dc146535028ffa1c88b7a6f0c7ce3a462b9dd53e1f7acdb61545bdfeeb
6ed0051747d0d5fbf4273b02e7267a257a82217c4b474117ea853014218b2b18
7722f9fc1c3104b305915e49413e86df71e233fc2ac2914eee60ab7a59fcdf14
8f327b1ce9510b718d832e0d0d38caf1aa73c3af31f6a915442f5b90015e7e6e
9fd40d22f5ff232a91ed5a5cf02d0b2c1ef24ec36035c9dbf5af9b709db9b7bc
ac1b332e6958c5b81be1b747c8a30172741514ed397952e01ad174be94f112a4
bd668ef292ae01d2ed9a32b1ea054e2acb484f61e86481f306669637ba31ce82
+ 53 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  8/10
Tags:
n/a
Link:
https://tria.ge/reports/200624-dgwx8lptne/
Behaviour
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious use of FindShellTrayWindow
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: GetForegroundWindowSpam
Loads dropped DLL
Executes dropped EXE
UPX packed file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/19059/

Comments