MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4246fc1746438445226f8c1fbd0024c80818c10abddd5e720cd93af7ccd994af. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Dridex


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 4246fc1746438445226f8c1fbd0024c80818c10abddd5e720cd93af7ccd994af
SHA3-384 hash: a9979e2fbf1f9507f253e39fb362204cd2b175e8859ddb9e4340971f3520b096f4adb9db7842aa527e4467c9429239b4
SHA1 hash: c3e92679f954eed5604c12df3db716bfe3d1b0da
MD5 hash: a3bb9a1073c50f46d29115b0cee903ff
humanhash: comet-mobile-nebraska-early
File name:a3bb9a1073c50f46d29115b0cee903ff.dll
Download: download sample
Signature Dridex
Create hunting rule
File size:76'436 bytes
First seen:2021-02-16 19:57:13 UTC
Last seen:2021-02-16 21:54:41 UTC
File type:DLL dll
MIME type:application/x-dosexec
ssdeep 768:zIkAdA51bjY1zRjrz0N7RkeZhmqGqkdGk9COb6qwcmXZ1KJ9Ik2KC+Llc3:nJkj3+yiEqk4k9Co6hcmg52KM
Threatray 1 similar samples on MalwareBazaar
TLSH 2873CF70BA48C961C5150A3BCE97DBFE02213DEFCF5248ABB2E51F4F3922581B617606
Reporter abuse_ch
Tags:dll Dridex

Intelligence

File Origin
# of uploads :
2
# of downloads :
136
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/117426/
Detection(s):
SecuriteInfo.com.Variant.Graftor.923423.4066.23618.UNOFFICIAL
Create hunting rule

Result
Verdict:
Clean
Maliciousness:

Behaviour
Sending a UDP request
Result
Threat name:
Unknown
Detection:
clean
Classification:
n/a
Score:
3 / 100
Link:
https://www.joesandbox.com/analysis/609428
Behaviour
Behavior Graph:
n/a
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/4246fc1746438445226f8c1fbd0024c80818c10abddd5e720cd93af7ccd994af/
Threat name:
Win32.Trojan.Graftor
Create hunting rule
Status:
Malicious
First seen:
2021-02-16 19:58:08 UTC
AV detection:
7 of 47 (14.89%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ijdpyf2giocekitprqp32abezaebrqikxxov44qm3e5pptgzssxq._file
Verdict:
unknown
Similar samples:
6548eeb76a2c4321d3a7ac27b3a6bbfb663f3d38c3968d2add19a3a7ab1f75ff
Dridex
Unpacked files
SH256 hash:
4246fc1746438445226f8c1fbd0024c80818c10abddd5e720cd93af7ccd994af
MD5 hash:
a3bb9a1073c50f46d29115b0cee903ff
SHA1 hash:
c3e92679f954eed5604c12df3db716bfe3d1b0da
Link:
https://www.unpac.me/results/793d3688-c284-46fc-8ab4-4aadf3083408/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.30
Link:
https://yomi.yoroi.company/submissions/4246fc1746438445226f8c1fbd0024c80818c10abddd5e720cd93af7ccd994af

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Dridex

DLL dll 4246fc1746438445226f8c1fbd0024c80818c10abddd5e720cd93af7ccd994af

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/995070/
  
Delivery method
Distributed via web download
Cape
Cape
https://www.capesandbox.com/analysis/117426/

Comments