MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5314fb6c00ef1ea2cdc351aa4abb7117383de9e4d205dc9e8ddf093d2fffff29. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


NanoCore


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 5314fb6c00ef1ea2cdc351aa4abb7117383de9e4d205dc9e8ddf093d2fffff29
SHA3-384 hash: fcb58234282ee1c6d34755a1dc783e5a060ca402f7bc1482c6e21e2ab6127d70d6e1a44d958644ecd3d054e176a835ba
SHA1 hash: 965410a21140a2c8204745ca29b1f24212ebbe8e
MD5 hash: 3f277c0605a7c1d7694026111a856c1b
humanhash: march-illinois-nitrogen-hydrogen
File name:Product List.gz
Download: download sample
Signature NanoCore
Create hunting rule
File size:797'949 bytes
First seen:2020-05-22 06:46:15 UTC
Last seen:Never
File type: gz
MIME type:application/x-rar
ssdeep 12288:+Sq9YplydzKfdUR1mqsCSFerTW/cGM7FYqVmFVx3m3iyBazDMdmcp+1w:NRTW641psjkWGCqMFH3VFN1w
TLSH 4C05239F699D2549BB2FC7B245C0440915EAA6233F0623963437ACDD2E3BE4E973CE41
Reporter cocaman
Tags:gz NanoCore


Avatar
cocaman
Malicious email
From: "info@ilezoni.pw" <info@ilezoni.pw>
Received: from ilezoni.pw (ns1.ilezoni.pw [173.82.238.171])
Date: Thu, 21 May 2020 19:35:35 -0700
Subject: Product List/Request For Quotation-05/20/2020
Attachment: Product List.gz

Intelligence

File Origin
# of uploads :
1
# of downloads :
63
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
Win32.Trojan.Injector
Create hunting rule
Status:
Malicious
First seen:
2020-05-22 07:36:41 UTC
File Type:
Binary (Archive)
Extracted files:
12
AV detection:
14 of 30 (46.67%)
Threat level:
  2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

NanoCore

gz 5314fb6c00ef1ea2cdc351aa4abb7117383de9e4d205dc9e8ddf093d2fffff29

(this sample)

NanoCore

Executable exe d8d34e80a7635cfc5ae81a024d27c2c3a30e1f4121d8be8d9a9dc2c40c984bfb

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 d8d34e80a7635cfc5ae81a024d27c2c3a30e1f4121d8be8d9a9dc2c40c984bfb
  
Dropping
NanoCore

Comments