MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3dfcbbe9c590fa17ad0bf26d16d5dd192054ec6ae9199d38b4b7981ce916bebe. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 3dfcbbe9c590fa17ad0bf26d16d5dd192054ec6ae9199d38b4b7981ce916bebe
SHA3-384 hash: f326203f0b9547089274f6500e5b0aca7dc9a06edcdf90ae406e6eab9445ff4cf8370e4f689bfbe6b82d652972112fe4
SHA1 hash: 91d598eaf935ec11e3c171755a6606916c5d9699
MD5 hash: 87445df2756dc7ebd2442967a88fb357
humanhash: comet-emma-oregon-leopard
File name: ded.zip
File size: 1'143'178 bytes
First seen: 2022-04-14 12:12:56 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 24576:z8qTQVyTrJxXxnH2eHiP6qTbVwVprJxXznH0e9qx+do/:5TjjWeHaTQtUe9qQdo/
TLSH: T16D352389E7B56D27F16BFB773488B681F470C809608DF80B6AD051824D131EE9A716EF
TrID:
58.3% (.MAFF) Mozilla Archive Format (gen) (7000/1/1)
33.3% (.ZIP) ZIP compressed archive (4000/1)
8.3% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter: JAMESWT_WT
Tags: bancacaixa zip

Intelligence


File Origin
# of uploads: 1
# of downloads: 165
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malicious
File Type: HTML File - Malicious
Payload URLs
URL: https://sis.redsys.es/sis/graficos/logotipos/comunes/9999favicon.ico
File name: HTML File
Threat name: Document-HTML.PUA.Uwamson
Status: Malicious
First seen: 2022-04-02 11:17:29 UTC
File Type: Binary (Archive)
Extracted files: 145
AV detection: 8 of 26 (30.77%)
Threat level: 1/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Modifies Internet Explorer settings
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
