MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 50a04c31c1cbb757f2ee873b00c4e63d7bbd0838bfa79acd163b9b070e7058a5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: 50a04c31c1cbb757f2ee873b00c4e63d7bbd0838bfa79acd163b9b070e7058a5
SHA3-384 hash: 7f2af7054748d00d64365a8ce24601c8f17f2f5ee2bd4604f198cba2f6195f341be617d49aa5be1f2427f91c42c76870
SHA1 hash: 55eeb7b8a5bf00adcaabd2aca18cb842538904d8
MD5 hash: 173e2002010679c163e483c3c53a64bc
humanhash: island-salami-river-delta
File name: Purchase order from Innovix Distribution Limited, China-Pdf.xz
File size: 842'545 bytes
First seen: 2020-11-06 07:13:17 UTC
Last seen: Never
File type: xz
MIME type: application/x-rar
ssdeep 12288:lszsv6Y4qOg09JH0pK+sCIfFx8fZwDM5KpCYs6fKAuAb4Dl7yYfFeohWewJ93uu9:7C1FJUp/IQwDMUpCXTAuAbyyyo8uQm
TLSH 83052334CC4965C9CB5128D8D7B2C669B523FFA207346AF0C0D776BB08AE852D17686F
Reporter abuse_ch
Tags: xz


abuse_ch
Malspam distributing unidentified malware:

HELO: mail.h-email.net
Sending IP: 172.93.220.38
From: Eric Wang <waico@guyana.net.gy>
Subject: REQUEST FOR QUOTATION - NO: 792-286
Attachment: Purchase order from Innovix Distribution Limited, China-Pdf.xz (contains "Purchase order from Innovix Distribution Limited, China-Pdf.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 76
Origin country: n/a
Vendor Threat Intelligence
Result
Gathering data
Threat name: Win32.Trojan.Tnega
Status: Malicious
First seen: 2020-11-05 19:04:00 UTC
AV detection: 13 of 29 (44.83%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

xz 50a04c31c1cbb757f2ee873b00c4e63d7bbd0838bfa79acd163b9b070e7058a5

(this sample)

  
Delivery method
Distributed via e-mail attachment
