MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3f3bf242dca91e0e140cd9b41d146ecda6b3644fffb574fec3a2cbae723c8d34. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

CoinMiner

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	3f3bf242dca91e0e140cd9b41d146ecda6b3644fffb574fec3a2cbae723c8d34
SHA3-384 hash:	1cc85f0be3960a152353f85efeae553d14ee952140e59ec329a8d54517711f37df7e2dc1f1a9052fdbce29be20b4b7b3
SHA1 hash:	1988e3e907e677d143fbddf16843f46c85a955f1
MD5 hash:	577be233e5f19c39ea21ad986e5cce56
humanhash:	speaker-three-zebra-whiskey
File name:	577be233e5f19c39ea21ad986e5cce56.exe
Download:	download sample
Signature	CoinMiner Create hunting rule
File size:	3'088'857 bytes
First seen:	2022-03-26 16:05:19 UTC
Last seen:	2024-07-24 13:25:56 UTC
File type:	exe
MIME type:	application/x-dosexec
imphash	4e4095a0d90406c8428c5d9a9c6b05b7 (26 x CoinMiner, 4 x CoinMiner.XMRig)
ssdeep	49152:ADg4pPJV9L8pLiOzlyZ6niYM57Vdv2FnQRAN3A+HKnwIH6rLCO/2aex:ADgc8pLiOpyZ6+57DCQabHm++
TLSH	T114E502B86160335CC41AC4789533FE44F2B1552F4FF8A9BAB1DFBA803B6B454EA41E46
Reporter	abuse_ch
Tags:	CoinMiner exe

Intelligence

File Origin

# of uploads :

# of downloads :

321

Origin country :

n/a

Vendor Threat Intelligence

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/258061/

Detection(s):

SecuriteInfo.com.Win32.Packed.VMProtect.ACR.5131.24975.UNOFFICIAL

Result

Verdict:

Clean

Maliciousness:

Verdict:

Suspicious

Threat level:

5/10

Confidence:

100%

Tags:

overlay packed

Link:

https://www.filescan.io/uploads/623f39c59253b276b77a56ae/reports/12a8536d-986f-4653-bd18-fba9ad7929e7/overview

Result

Verdict:

MALICIOUS

Details

Windows PE Executable

Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.

Verdict:

Malicious

Link:

https://analyze.intezer.com/analyses/525d3447-a8ba-4479-9988-db67920f7326

Result

Threat name:

Unknown

Detection:

malicious

Classification:

n/a

Score:

52 / 100

Link:

https://www.joesandbox.com/analysis/965108

Signature

Machine Learning detection for sample

Multi AV Scanner detection for submitted file

Behaviour

Behavior Graph:

Download SVG

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/3f3bf242dca91e0e140cd9b41d146ecda6b3644fffb574fec3a2cbae723c8d34/

Threat name:

Win64.Trojan.Generic

Status:

Suspicious

First seen:

2022-03-26 16:06:23 UTC

File Type:

PE+ (Exe)

AV detection:

9 of 26 (34.62%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=h457eqw4vepa4fam3g2b2fdozwtlgzcp762xj7wdulf244r4ru2a._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/220326-tj6jmaefe7/

Unpacked files

SH256 hash:

3f3bf242dca91e0e140cd9b41d146ecda6b3644fffb574fec3a2cbae723c8d34

MD5 hash:

577be233e5f19c39ea21ad986e5cce56

SHA1 hash:

1988e3e907e677d143fbddf16843f46c85a955f1

Link:

https://www.unpac.me/results/b3357b24-e50a-4afd-ab8c-f64f352c1819/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/3f3bf242dca91e0e140cd9b41d146ecda6b3644fffb574fec3a2cbae723c8d34

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

CoinMiner

exe 3f3bf242dca91e0e140cd9b41d146ecda6b3644fffb574fec3a2cbae723c8d34

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/2109352/

Delivery method

Distributed via web download

Cape

https://www.capesandbox.com/analysis/258061/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample