MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2c2a59fb155590024a3b791f460a33525a44b87e1521a409885c5ed0c1b80f31. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: 2c2a59fb155590024a3b791f460a33525a44b87e1521a409885c5ed0c1b80f31
SHA3-384 hash: 31dbdbbae017533c6aff2e4d9522acdc09daf172946db915aa4c2fd43e384dbfc9205e899e0779a55aded3d784f96164
SHA1 hash: fe76142269c5eb67d05f26754296f49b46ffbed8
MD5 hash: 2e53bb4ce91d8d34a56659ebef1818f0
humanhash: lamp-edward-failed-butter
File name: 2c2a59fb155590024a3b791f460a33525a44b87e1521a409885c5ed0c1b80f31
File size: 3'465'216 bytes
First seen: 2020-11-11 11:23:51 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: cb2d410ca3eaf5f552476f3a37d9c167 (3 x Bunitu, 2 x ServHelper)
ssdeep: 98304:U1yrDsqGJBBNE2RaMX6b2tisOMKNHZpKf6NUwOU:U1MDsvBBa2Rp6bmxOMK3p9E
Threatray: 1 similar samples on MalwareBazaar
TLSH: 3FF533501DE3F0BFDA16863E0518C604F62B513593F94A8BE14B3B7057EA28D94AEF93
Reporter: seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 51
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Sending a UDP request
Creating a window
Creating a file in the %temp% directory
Creating a process from a recently created file
Creating a process with a hidden window
Launching a process
Deleting a recently created file
Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name: Win32.Trojan.MintTitirez
Status: Malicious
First seen: 2020-11-11 11:27:36 UTC
AV detection: 28 of 29 (96.55%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Unpacked files
SHA256 hash: 2c2a59fb155590024a3b791f460a33525a44b87e1521a409885c5ed0c1b80f31
MD5 hash: 2e53bb4ce91d8d34a56659ebef1818f0
SHA1 hash: fe76142269c5eb67d05f26754296f49b46ffbed8

SHA256 hash: ddddf9831f0d1873dc65aa7d03afe0bd4e0dbcb170630a410f2860d19d4a0fe8
MD5 hash: 85b5d57d1c67faf57c40bc0142d03ca3
SHA1 hash: 7427de24802af33ad7204cd813a0521cdbc491cd
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Other

Comments