MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 481c224422b88ebbb4a426d1c40bcd559349fa496557427ce31bd6075bf72ee9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 2



SHA256 hash: 481c224422b88ebbb4a426d1c40bcd559349fa496557427ce31bd6075bf72ee9
SHA3-384 hash: 58613ab8ebf5851b1aa9d848bb1da5e752306ddb240698e468d37de39f70456a48b257d33bc5973749d8572a784ba0d1
SHA1 hash: d147cf18ef07817c3ae9a04ea884d2e21a431845
MD5 hash: 540e15b8b69c89cc20937eef861960e0
humanhash: nitrogen-pizza-ink-fanta
File name: 87e4c8d8ee47d67cea9de6eebac510cf
File size: 4'023'646 bytes
First seen: 2020-11-17 12:14:21 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash 00be6e6c4f9e287672c8301b72bdabf3 (116 x RedLineStealer, 70 x AsyncRAT, 55 x AgentTesla)
ssdeep 49152:zjSZ01lUAtPtJ31fxN2WcPn5SELUVDXNz7R4ISHFeTB6zfPUNWj3/6aXd+zL2i01:qZ01W8fFpBg5JL0DRGIAy+U1SwyFNT1
Threatray 301 similar samples on MalwareBazaar
TLSH 1A163301B1C081B2D67635F1492AB61195B97C281D68DE5EBBF833AC84719C3DE71E2F
Reporter seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 62
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Clean
Maliciousness:

Behaviour
Creating a window
Searching for the window
Threat name: Win32.Trojan.Generic
Status: Suspicious
First seen: 2020-11-17 12:18:05 UTC
AV detection: 17 of 48 (35.42%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious behavior: GetForegroundWindowSpam
Unpacked files
SHA256 hash: 481c224422b88ebbb4a426d1c40bcd559349fa496557427ce31bd6075bf72ee9
MD5 hash: 540e15b8b69c89cc20937eef861960e0
SHA1 hash: d147cf18ef07817c3ae9a04ea884d2e21a431845
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other
