MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 434ea880ad59cffded73a776f3a01a75e6afef21fc6dca45b364fd3f0ba54de3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments

SHA256 hash: 434ea880ad59cffded73a776f3a01a75e6afef21fc6dca45b364fd3f0ba54de3
SHA3-384 hash: c14ebd2d8bd44e8ae7fa69661fa6a7ca27c18d1d98d71b8241303e1592bc8fd72c9045213ab3f67226092d6c2627e105
SHA1 hash: 8a59e90bcde0e2c2e44c0229c7cb23e97ae78158
MD5 hash: b1ac65c3e4c734439003a182024b131f
humanhash: twenty-kitten-network-beryllium
File name:paymentslip.exe
Download: download sample
Signature n/a
File size:11'496'869 bytes
First seen:2020-04-27 21:15:04 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash e72c3bfcbb77a361abf35cfdb2b95db2 (1 x Formbook, 1 x Mimikatz, 1 x BlackKingdom)
ssdeep 196608:aNr3xDGuF1AMxAsmBXGe/tbYPvbJQlHmFC8C6zlXTsMHEC3E:W3xbF1YNGe/kJQlGZsvy
Threatray 34 similar samples on MalwareBazaar
TLSH 41C63343DEB2CC37C1E7137710E8F9B50C6CAC558F7A70A62A88B924EDF7184D9A4856
Reporter @Racco42
Tags:exe

Intelligence


File Origin
# of uploads :
1
# of downloads :
81
Origin country :
FR FR
Mail intelligence
No data
Vendor Threat Intelligence
Gathering data
Threat name:
Win32.Trojan.Lazagne
Status:
Malicious
First seen:
2020-04-28 01:24:45 UTC
File Type:
PE (Exe)
Extracted files:
1776
AV detection:
24 of 48 (50.00%)
Threat level:
  5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Executable exe 434ea880ad59cffded73a776f3a01a75e6afef21fc6dca45b364fd3f0ba54de3

(this sample)

  
Delivery method
Distributed via e-mail attachment

Comments