MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4b8a4abd0ae086c71b87e2ed0983f96eb9bf010f5ca10c0f37bbafbc1ebe2a1d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 4b8a4abd0ae086c71b87e2ed0983f96eb9bf010f5ca10c0f37bbafbc1ebe2a1d
SHA3-384 hash: 83c620a93845fddadc4829ec0c542507bfb63f21db99f533468aa5568310bcfae51da97377fe1a7e87d354eb056e0cdf
SHA1 hash: 1d9106e9460ea756b84bc4cc8b730a69b0b19836
MD5 hash: dd2b1a1fc046abf55727f77ec9464f63
humanhash: nitrogen-missouri-winner-arizona
File name: grabbot_0.1.5.7.vir
Signature: n/a
File size: 302'592 bytes
First seen: 2020-07-19 19:23:17 UTC
Last seen: 2020-07-19 19:49:40 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: 84a9a6c71fbf0ba9ad81ab428f9fbc25
ssdeep: 6144:ZmXdexiY0NO7RUMn5oeCOM053v/cDyfIpSkKEbGNzGxroM4HB5zom:+NO7+a5oeh5v/cDWIrXGkM
TLSH: BA549D0335CEACF0E8AAE1774998D7EEC915D2B7A78C6C89521DF3561987014CBE39C2
Reporter: @tildedennis
Tags: grabbot


Twitter (@tildedennis): grabbot version 0.1.5.7

Intelligence


File Origin
# of uploads: 2
# of downloads: 19
Origin country: US
Mail intelligence: No data
Vendor Threat Intelligence

Result
Verdict: Malware
Maliciousness:
Behaviour:
  Creating a window
  Unauthorized injection to a recently created process
  Connection attempt to an infection source
Threat name: Win32.Trojan.Kryptik
Status: Malicious
First seen: 2015-11-18 00:36:00 UTC
AV detection: 21 of 25 (84.00%)
Threat level: 5/5

Result
Malware family: n/a
Score: 8/10
Tags: n/a
Behaviour:
  Suspicious behavior: EnumeratesProcesses
  Suspicious use of WriteProcessMemory
  Loads dropped DLL
  Executes dropped EXE
Threat name: Unknown
Score: 1.00

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments