MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2b2ffb9a2fbf1673da80d3fee086132999593b681c2dda9c666722d627551c33. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 2b2ffb9a2fbf1673da80d3fee086132999593b681c2dda9c666722d627551c33
SHA3-384 hash: cebc68e07770776c874be69319d0a71b44b81f842cd5869e7dd88fd55c85d8e5de79d26b68f06196c1474cd3c3b91980
SHA1 hash: db3427f5de5c3aaed7cc5d0bf3ad3174070464cf
MD5 hash: a6dbdd1896887cc2954e5c2b12c454f9
humanhash: mockingbird-comet-two-oscar
File name:def.txt
Download: download sample
File size:1'357 bytes
First seen:2022-08-03 07:30:03 UTC
Last seen:Never
File type:
MIME type:text/plain
ssdeep 24:nuAOuAVinOGyinOGyizkgk1kTpkLLU2ZrdLU9nOGyiUiKPhcm5mLHmLokUUiKPho:ntOtVinOGyinOGyizkgkGTpkLLU2NdLG
TLSH T1D621AD55E591A6E16332A95346F34B1F329B9867A37F1822482E900C0427FBB07B7C3F
Reporter JAMESWT_WT

Intelligence

File Origin
# of uploads :
1
# of downloads :
195
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.ISB.Malscriptgen17.30481.11569.UNOFFICIAL
Create hunting rule

Verdict:
No Threat
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/62ea2401b7eec65627877905/reports/98029ecf-7dc0-44e3-98c9-9e5c5939ea52/overview
Result
Verdict:
UNKNOWN
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/2b2ffb9a2fbf1673da80d3fee086132999593b681c2dda9c666722d627551c33/
Threat name:
Win32.Trojan.BatTamper
Create hunting rule
Status:
Malicious
First seen:
2022-08-03 07:31:05 UTC
File Type:
Text (PowerShell)
AV detection:
2 of 26 (7.69%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=fmx7xgrpx4lhhwua2p7obbqtfgmvso3idqw5vhdgm4rnmj2vdqzq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/2b2ffb9a2fbf1673da80d3fee086132999593b681c2dda9c666722d627551c33

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

2b2ffb9a2fbf1673da80d3fee086132999593b681c2dda9c666722d627551c33

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/2264290/
  
Delivery method
Distributed via web download

Comments