MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3cce8d243f287b196f4f06a8d1aada955890fcd703969c9a411ae40eda8c6c63. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	3cce8d243f287b196f4f06a8d1aada955890fcd703969c9a411ae40eda8c6c63
SHA3-384 hash:	247eee1e9068027f0f0860db96d476a166161a492f619c2b5fb961aafa7fedea47ea412f1d7edcea47b2866e8e428c87
SHA1 hash:	90113ab954ce3ef3566a89c0b091161f43db28b9
MD5 hash:	8024f252d50027fe630d0280b181d65a
humanhash:	cup-robert-kentucky-uranus
File name:	UN_Regional_Meeting_2026.rar
Download:	download sample
File size:	287'871 bytes
First seen:	2026-03-16 17:10:36 UTC
Last seen:	Never
File type:	rar
MIME type:	application/x-rar
ssdeep	6144:x6VtxCQ2fISYGrfuPDO5A+WekgaBeTQHmh805l/nz49mXPrYxmUy:IDTCrfUDO5A+6gsHYZb/zImXUxmh
TLSH	T16D54233C81BD8030B2DE11BC84D657C669D23D426FAD0248FB2D937C759E1AA1AB8DF5
TrID	61.5% (.RAR) RAR compressed archive (v5.0) (8000/1) 38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Magika	rar
Reporter	smica83
Tags:	rar

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

File Archive Information

This file archive contains 2 file(s), sorted by their relevance:

File name:	Приложение_к_письму_Протокол_по_итогам_встречи_ООН.docx.exe
File size:	102'400 bytes
SHA256 hash:	a146e914560229a3389589acaee42cbcd37504731f8c7ba17676678db0547fed
MD5 hash:	9e578ba021bc92bbab94e08c3a0c1207
MIME type:	application/x-dosexec

File name:	Информационная справка по итогам многосторонней встречи МИД-ООН-ЦА (09.02.2026).pdf
File size:	0 bytes
SHA256 hash:	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
MD5 hash:	d41d8cd98f00b204e9800998ecf8427e
MIME type:	inode/x-empty

Vendor Threat Intelligence

Details

Link:

https://research.acce.ciphertechsolutions.com/results/61549523-6359-4676-a3f9-d2caec618221/

Detection(s):

Legacy.Trojan.Agent-1388784

Legacy.Trojan.Agent-1388773

Sanesecurity.Foxhole.Rar_docx.UNOFFICIAL

Verdict:

Malicious

Score:

95.7%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69b839b488c80c01586ad780

Tags:

underscore virus micro msil

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/3cce8d243f287b196f4f06a8d1aada955890fcd703969c9a411ae40eda8c6c63

Verdict:

Malicious

File Type:

rar

First seen:

2026-02-10T05:32:00Z UTC

Last seen:

2026-02-10T09:05:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/3cce8d243f287b196f4f06a8d1aada955890fcd703969c9a411ae40eda8c6c63/results?tab=lookup

Verdict:

inconclusive

YARA:

1 match(es)

Tags:

Rar Archive

Link:

https://app.malva.re/file/8024f252d50027fe630d0280b181d65a

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/3cce8d243f287b196f4f06a8d1aada955890fcd703969c9a411ae40eda8c6c63/

Threat name:

Win32.Trojan.Etset

Status:

Malicious

First seen:

2026-03-16 17:11:42 UTC

File Type:

Binary (Archive)

AV detection:

13 of 22 (59.09%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=hthi2jb7fb5rs32pa2undkw2svmjb7gxaoljzgsbdlsa5wumnrrq._file

Result

Malware family:

n/a

Score:

3/10

Tags:

n/a

Link:

https://tria.ge/reports/260316-y1qlyscw91/

Behaviour

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

0.77

Link:

https://yomi.yoroi.company/submissions/3cce8d243f287b196f4f06a8d1aada955890fcd703969c9a411ae40eda8c6c63

File information

The table below shows additional information about this malware sample such as delivery method and external references.

https://x.com/i/status/2033590183929721308

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample