MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 413d0aacddad41105f9f04de12cae9420919083796ed856df47ee2c7b3767fda. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Bitter

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	413d0aacddad41105f9f04de12cae9420919083796ed856df47ee2c7b3767fda
SHA3-384 hash:	1349946bf5c7efd9d3b0cd0e6d18606c11ffea7af27dd6379b46873712dd4e2c1a912fd5308fc0a961fe683d67384c24
SHA1 hash:	dd9342faa65376801a26f0a58534c7e4cbffc614
MD5 hash:	0b4aab3d1e2946b15b70a63187c1f927
humanhash:	xray-jersey-romeo-south
File name:	Invitation To Attend Cryptocurrency Awareness Seminar.chm
Download:	download sample
Signature	Bitter Create hunting rule
File size:	11'264 bytes
First seen:	2023-09-04 17:00:29 UTC
Last seen:	Never
File type:
MIME type:	application/octet-stream
ssdeep	48:BH/gB09I06QRlEFlErlEl6I5s+BIj9SElv2JlMLFCBkkqGdDHugTae8Bn7pWH8N:BHNIDagi2/oC0iHfae4VWHW
TLSH	T120323CB0E3818674D3008F36ABC29987B625BC82D528C96B115F771D18B2F0A77B90D7
TrID	81.0% (.CHI) Windows HELP Index (17144/6) 18.9% (.CHM) Windows HELP File (4000/1)
Reporter	smica83
Tags:	apt Bitter chm

Intelligence

File Origin

# of uploads :

# of downloads :

132

Origin country :

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Exploit.ActiveX.23.9567.5837.UNOFFICIAL

Verdict:

Suspicious

Threat level:

5/10

Confidence:

100%

Tags:

masquerade

Link:

https://www.filescan.io/uploads/64f60d4f5c5d7698b7f6349e/reports/70de7e4a-2412-40fa-962b-5f99164a9a56/overview

Verdict:

Malicious

Labled as:

Downloader/HTML.Generic

Link:

https://www.hybrid-analysis.com/sample/413d0aacddad41105f9f04de12cae9420919083796ed856df47ee2c7b3767fda

Result

Verdict:

MALICIOUS

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/413d0aacddad41105f9f04de12cae9420919083796ed856df47ee2c7b3767fda/

Threat name:

Document-HTML.Trojan.Heuristic

Status:

Malicious

First seen:

2023-09-04 07:09:29 UTC

File Type:

Binary (Archive)

Extracted files:

AV detection:

12 of 36 (33.33%)

Threat level:

2/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=ie6qvlg5vvarax47atpbfsxjiierscbxs3wyk3pup3rmpm3wp7na._file

Verdict:

Malicious

Link:

https://www.vmray.com/analyses/_mb/413d0aacddad/report/overview.html

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.25

Link:

https://yomi.yoroi.company/submissions/413d0aacddad41105f9f04de12cae9420919083796ed856df47ee2c7b3767fda

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample