MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3bb4918f51f250f3030290f1260cd0683341644efb8b600bab09f9cec2529527. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3bb4918f51f250f3030290f1260cd0683341644efb8b600bab09f9cec2529527
SHA3-384 hash: c837622cbe2cc598b9954588fd48141448f1b2aba782fbfcac3374f05dbc54bdd03018d98505237b2ef23a17b01294e8
SHA1 hash: 3f74d31f15bc94493474f23012ce5951ebe61ec0
MD5 hash: 47ab84758f505304cc8d088c37a85080
humanhash: monkey-west-fifteen-quiet
File name:3bb4918f51f250f3030290f1260cd0683341644efb8b600bab09f9cec2529527
Download: download sample
File size:146'789 bytes
First seen:2020-11-07 20:18:12 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 8eb90f63ff7fc0bd388dac1d27b3afce (4 x Sytro)
ssdeep 3072:0SHxUPpwexCH38qltPG+BOE/1lvwhtccmE9F3h3g0X:0kxve+8utPG+Bt5QKzEVxX
Threatray 1 similar samples on MalwareBazaar
TLSH 11E39D1D227ADBFFE2D29B3835F6D424F9E1A4A12F7C82DDC532041EC694D364827A25
Reporter seifreed

Intelligence

File Origin
# of uploads :
1
# of downloads :
76
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Win.Worm.Sytro-7112048-0
Create hunting rule

Win.Worm.Sytro-35
Create hunting rule

Result
Verdict:
Malware
Maliciousness:

Behaviour
Sending a UDP request
Creating a file in the Windows subdirectories
Creating a file in the Windows directory
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/3bb4918f51f250f3030290f1260cd0683341644efb8b600bab09f9cec2529527/
Threat name:
Win32.Worm.Soltern
Create hunting rule
Status:
Malicious
First seen:
2020-09-26 07:44:00 UTC
AV detection:
28 of 29 (96.55%)
Threat level:
  5/5
Verdict:
unknown
Similar samples:
f35dea5ceeb65f42b100de783867cc8e3df68427a16539a7154143210b5ffd48
Result
Malware family:
n/a
Score:
  4/10
Tags:
n/a
Link:
https://tria.ge/reports/201108-vac6caqywe/
Behaviour
Drops file in Windows directory
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments