MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4893bcf8553f34fcbd61f3da087f9e9ed9f8f0ec50d9a121859316642e055524. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: 4893bcf8553f34fcbd61f3da087f9e9ed9f8f0ec50d9a121859316642e055524
SHA3-384 hash: 40184b582192af1d3d38732268de4d826d204617a2dd091e4c8809bb671f35d82e712485989fb2aaa4cf58c7d18a828c
SHA1 hash: 1d8fe3d8aaf6fd72a2751d032069a39ea2444c07
MD5 hash: 226bae8beeb2ba60f0722a69666bfc7d
humanhash: eleven-mango-don-emma
File name: 4893bcf8553f34fcbd61f3da087f9e9ed9f8f0ec50d9a121859316642e055524
File size: 1'017'344 bytes
First seen: 2020-11-07 17:17:36 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: f34d5f2d4577ed6d9ceec516c1f5a744 (48'666 x AgentTesla, 19'479 x Formbook, 12'209 x SnakeKeylogger)
ssdeep: 24576:g+fgKj14w1jmgztwmfwsDZJ5FmaiDR9pPr:a+1cgza8Fmaix
Threatray: 76 similar samples on MalwareBazaar
TLSH: 292527201646DA18F1BA33F7846744F0A7F9BC03BE61D5AE79A4348A4568BD38F1371E
Reporter: seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 51
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware

Behaviour
Sending a UDP request
Launching the default Windows debugger (dwwin.exe)
Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name: ByteCode-MSIL.Trojan.Heracles
Status: Malicious
First seen: 2020-11-07 17:22:14 UTC
AV detection: 25 of 29 (86.21%)
Threat level: 5/5
Result
Malware family: n/a
Score: 3/10
Tags: n/a
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Program crash
Unpacked files
SHA256 hash: 4893bcf8553f34fcbd61f3da087f9e9ed9f8f0ec50d9a121859316642e055524
MD5 hash: 226bae8beeb2ba60f0722a69666bfc7d
SHA1 hash: 1d8fe3d8aaf6fd72a2751d032069a39ea2444c07
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other
