MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3611035faf63b8bf14c88a9bd02e3783f2bde3128c97f6317d4d4c912463ef39. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Gamaredon


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3611035faf63b8bf14c88a9bd02e3783f2bde3128c97f6317d4d4c912463ef39
SHA3-384 hash: ea4250e37f2d051d566104efa2cdd4926fac309e7e9fcbd7388d9d895d5add04840656edd6c8748b2f985561303e707e
SHA1 hash: 6899717a62121dd865d7cb23a94594619f05a668
MD5 hash: ba053b1357cb472539d6c9b9348f8e46
humanhash: pizza-may-illinois-london
File name:2-1180-25_03.06.2025.xhtml
Download: download sample
Signature Gamaredon
Create hunting rule
File size:31'791 bytes
First seen:2025-06-04 23:19:00 UTC
Last seen:Never
File type:
MIME type:text/html
ssdeep 768:FB4ORCEvMGg4CQTZngDuZUz+fCxfzZsFUyJmCM:FyOEEvM8b1gaaz+gLOJJTM
TLSH T1E5E2F81BB0371DF415445E8C2D132AD789CC9099DBF021B0AABDD6BFC57E079A0D92AB
TrID 80.6% (.HTM/HTML) HyperText Markup Language with DOCTYPE (12501/2/4)
19.3% (.HTML) HyperText Markup Language (3000/1/1)
Magika txt
Reporter smica83
Tags:apt gamaredon UKR xhtml

Intelligence

File Origin
# of uploads :
1
# of downloads :
194
Origin country :
HU HU
Vendor Threat Intelligence
Verdict:
Malicious
Score:
94.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=68412e058bd5d68a12e5645e
Tags:
virus spawn sage
Score:
17%
Verdict:
Benign
File Type:
SCRIPT
Link:
https://malprob.io/report/3611035faf63b8bf14c88a9bd02e3783f2bde3128c97f6317d4d4c912463ef39
Gathering data
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=gyiqgx5pmo4l6fgirkn5alrxqpzl3yysrsl7mml5jvgjcjdd544q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/3611035faf63b8bf14c88a9bd02e3783f2bde3128c97f6317d4d4c912463ef39

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Gamaredon

3611035faf63b8bf14c88a9bd02e3783f2bde3128c97f6317d4d4c912463ef39

(this sample)

Gamaredon

zip 9ce60dde11c1ad72af22ccd774c0efe9c5a206e9dcfbc2388a1b09cc70747f09

  
X
https://x.com/malwrhunterteam/status/1930355858778796419?t=rc28-DFJXvTECijPBI3D0Q&s=19
  
Dropping
SHA256 9ce60dde11c1ad72af22ccd774c0efe9c5a206e9dcfbc2388a1b09cc70747f09
  
Dropping
MD5 04c44dc56980df576de4863458293b4c

Comments