MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2b5758f388027c53af132a2c7b28b3448b9869a81a5ce134c78330a3c31181f5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 2b5758f388027c53af132a2c7b28b3448b9869a81a5ce134c78330a3c31181f5
SHA3-384 hash: c405daf5b40531201bc49923e0aef932c736474405faae8f2d39b90963b5775c54deb1ac2ed905142b2ab31db4dd34e9
SHA1 hash: 75aae9c14480f9c9a2eaaf9b748186bc55115374
MD5 hash: c8a5694f92d2e3f21d71ebaafc655a3f
humanhash: king-california-failed-kilo
File name:3cxIcons.zip
Download: download sample
File size:5'679'420 bytes
First seen:2023-04-06 07:33:52 UTC
Last seen:Never
File type: zip
MIME type:application/zip
Note:This file is a password protected archive. The password is: infected
ssdeep 98304:2waKNEp1IxP6/zQCIh+LeU0cISevpLwbU7HghWdwLfx6U361Wi6rt:2Tt1EmQHh+azcDevpLwbyhwDx6UMWiAt
TLSH T1D946337D355BFFF4500E232A21FDE4F4505A9819721C8EFA0DAB04E8A58967AB7F1132
TrID 80.0% (.ZIP) ZIP compressed archive (4000/1)
20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter struppigel
Tags:3CX SmoothOperator zip


Avatar
struppigel
All icons from SmoothOperator github repository

Intelligence

File Origin
# of uploads :
1
# of downloads :
167
Origin country :
DE DE
File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:5c54932fdbb077d73c58ac41a1ad3f6ea5576b3e1f719c8b714b637c9ceb361b
File size:5'682'120 bytes
SHA256 hash: 5c54932fdbb077d73c58ac41a1ad3f6ea5576b3e1f719c8b714b637c9ceb361b
MD5 hash: 7c370a0b1fef5dfad829a8b6368b9114
MIME type:application/zip
Vendor Threat Intelligence
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/642e75eb612ecb08a4cad8d9/reports/d96d72aa-f63d-4145-863e-ef7284c95550/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/2b5758f388027c53af132a2c7b28b3448b9869a81a5ce134c78330a3c31181f5
Result
Verdict:
MALICIOUS
Link:
https://labs.inquest.net/dfi/sha256/2b5758f388027c53af132a2c7b28b3448b9869a81a5ce134c78330a3c31181f5
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/2b5758f388027c53af132a2c7b28b3448b9869a81a5ce134c78330a3c31181f5/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=fnlvr44iaj6fhlytfiwhwkftisfzq2nidjoocnghqmykhqyrqh2q._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/230406-j5j8eaea91/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/2b5758f388027c53af132a2c7b28b3448b9869a81a5ce134c78330a3c31181f5

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments