MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 50c4f50631ff8568e8188029ee71a4745d9fe6f39c731eef8fab34f50b6df9e1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Threat unknown
Vendor detections: 3
| SHA256 hash: | 50c4f50631ff8568e8188029ee71a4745d9fe6f39c731eef8fab34f50b6df9e1 |
|---|---|
| SHA3-384 hash: | 95ed6edddb386e5f1d0553e17539b752fe18604853eaadb7d85146ffc39a8aaacccbb3298829677edccde2bd0400b8e4 |
| SHA1 hash: | 99bbfa834ee61333919564c6a6d78d760dccb55f |
| MD5 hash: | 9831e149e33ff03b1452080ffd02616e |
| humanhash: | fillet-black-sixteen-nine |
| File name: | DEKONT PDF 2.rar |
| File size: | 722'903 bytes |
| First seen: | 2020-11-05 09:14:23 UTC |
| Last seen: | Never |
| File type: | rar |
| MIME type: | application/x-rar |
| ssdeep | 12288:cBE1AlY/ateVeSA8X02AudIKgbA6Xfn7JPwimp2qosd+e+aFLIyb1jaZ0IRc4L:coYY/keV/Zk29jg86vMp25sJbFLt160C |
| TLSH | B0F42306DB3A408A0C4D993F3B0D0D0114E5AF74564A8FA14ACBFE98DDE95976DD09F3 |
| Reporter | |
| Tags: | geo rar TUR ZiraatBank |
abuse_ch
Malspam distributing unidentified malware:
HELO: srv1.demspor.com
Sending IP: 31.169.94.221
From: ZIRAAT BANKAS <ziraatbank@ileti.ziraatbank.com.tr>
Reply-To: DHL International<ahsen.coskun@kuzeyboru.com.tr>
Subject: DEKONT
Attachment: DEKONT PDF 2.rar (contains "56565656.exe")
Intelligence
File Origin
# of uploads: 1
# of downloads: 72
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Malrep
Status: Malicious
First seen: 2020-11-04 21:14:04 UTC
AV detection: 14 of 29 (48.28%)
Threat level: 5/5
Detection(s): Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
rar 50c4f50631ff8568e8188029ee71a4745d9fe6f39c731eef8fab34f50b6df9e1 (this sample)
Delivery method: Distributed via e-mail attachment