MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4f4377328a0d79b57f4c6436451d51d01ff783e05f7cb0139ca3b8feed356e35. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Jadtre

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	4f4377328a0d79b57f4c6436451d51d01ff783e05f7cb0139ca3b8feed356e35
SHA3-384 hash:	2085f045b02015763d34cc879cb0b17100ccfb661f10d14b15317c6bfdea18eb874de243394bf4920207a41d1c289e39
SHA1 hash:	15a110f4a42688ba1c9a1923c907ec98822c6b91
MD5 hash:	8a2ad5b907e010910a2f87006d03fa75
humanhash:	alanine-red-asparagus-wyoming
File name:	aa731cc10e0ed4800f2401412e6ffa91
Download:	download sample
Signature	Jadtre Create hunting rule
File size:	27'136 bytes
First seen:	2020-11-17 14:14:42 UTC
Last seen:	Never
File type:	exe
MIME type:	application/x-dosexec
imphash	87bed5a7cba00c7e1f4015f1bdae2183 (3'034 x Jadtre, 23 x IcedID, 17 x Blackmoon)
ssdeep	768:Sd5u7mNGtyVfhPLqQGPL4vzZq2oZ7GkxTq7B:Sd5z/fhzJGCq2w7I
Threatray	1'337 similar samples on MalwareBazaar
TLSH	06C2D0B2CE8080FFC0CB3472204512DBAB575A72656A7867E710981E7DBCDE0DA7A753
Reporter	seifreed

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

n/a

Vendor Threat Intelligence

Detection(s):

PUA.Win.Packer.Asprotect-3

Win.Malware.Vtflooder-6260355-1

Win.Malware.Cerbu-9789017-0

Result

Verdict:

Malware

Maliciousness:

Behaviour

Creating a file in the %temp% directory

Creating a process from a recently created file

Creating a window

Changing an executable file

Sending a UDP request

DNS request

Connection attempt

Sending an HTTP POST request

Modifying an executable file

Creating a file

Running batch commands

Creating a process with a hidden window

Connection attempt to an infection source

Infecting executable files

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/4f4377328a0d79b57f4c6436451d51d01ff783e05f7cb0139ca3b8feed356e35/

Threat name:

Win32.Virus.Jadtre

Status:

Malicious

First seen:

2020-11-17 14:15:24 UTC

AV detection:

27 of 29 (93.10%)

Threat level:

5/5

Verdict:

malicious

Unpacked files

SH256 hash:

4f4377328a0d79b57f4c6436451d51d01ff783e05f7cb0139ca3b8feed356e35

MD5 hash:

8a2ad5b907e010910a2f87006d03fa75

SHA1 hash:

15a110f4a42688ba1c9a1923c907ec98822c6b91

Link:

https://www.unpac.me/results/f6e3bca6-20e8-4b51-8749-0b2fe5e3a495/

SH256 hash:

18cb2c4e194f0acb02458c2d0cc3a4ceda5e8645f9cbeab3bc62b7aff6027857

MD5 hash:

5fd2510ed79cdd1a8d4bfda599c3cf4b

SHA1 hash:

7d3c8682023e3a3cd65f725a10b57cfdda90a0da

Detections:

win_unidentified_045_g0

win_unidentified_045_auto

Link:

https://www.unpac.me/results/f6e3bca6-20e8-4b51-8749-0b2fe5e3a495/

SH256 hash:

e4ed9d06ebe6df324723514a48ca6cc11713df82b8c52154c168258828ffa54a

MD5 hash:

a342408e46ad341ca1a4ff56b8b16eb3

SHA1 hash:

4748d4ae3e3f0a20ad01c564fdbc110f7dfc4ca3

Link:

https://www.unpac.me/results/f6e3bca6-20e8-4b51-8749-0b2fe5e3a495/

SH256 hash:

1d0aabded718e0715260b0018db2ffc7f70eba82f744cd03fe0f01f01231281f

MD5 hash:

5db34550b611eef211f2b07387f28374

SHA1 hash:

52f3184c1ac00a6cf88415a16a398063d91fd9a1

Link:

https://www.unpac.me/results/f6e3bca6-20e8-4b51-8749-0b2fe5e3a495/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/4f4377328a0d79b57f4c6436451d51d01ff783e05f7cb0139ca3b8feed356e35

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method

Other

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample