MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 53ee6332f7d557bbc438fbce2d121700ec1fdd229016a98b4e1138059b0f9035. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: 53ee6332f7d557bbc438fbce2d121700ec1fdd229016a98b4e1138059b0f9035
SHA3-384 hash: fbb4e9eb5497a7225363b5cfacfbf3241ececd84075ae6365495546b61afb05f64288b4f8bc86056ae757e6705620df8
SHA1 hash: 8ac5bec271b61bb3ec786b2e90a3f82b3df7921c
MD5 hash: a565115b915c19305138045c3e5bad75
humanhash: carpet-triple-oscar-georgia
File name: CyberFortressVPN.zip
File size: 74'366'642 bytes
First seen: 2023-12-07 19:00:54 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 1572864:PZPk1gn/4q6lmh4NQwqJr2ssCjwbcUEkJDTrxUG2k48GHAg1asG:m1E/7Nh4NQ/JassQwbcURXrxUGPoAgwJ
TLSH: T152F733080E4EDB7E1E82DE5E2CF3AF1287731678A6068DDA594D3B07E5767A3600634D
TrID: 80.0% (.ZIP) ZIP compressed archive (4000/1); 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter: Xev
Tags: BbyStealer zip


NIXLovesCooper
Distributed via: https://vpncyberfortress.com/
https://cdn.discordapp.com/attachments/1178066284966056009/1182121604843569222/CyberFortressVPN.zip?ex=65838b89&is=65711689&hm=568c88b52d96226a7f42744aceb5bf3a68112021c5c51bafedd1cad369721b20&

Intelligence


File Origin
# of uploads: 1
# of downloads: 173
Origin country: GR

File Archive Information

This file archive contains 2 file(s), sorted by their relevance:

File name: CyberFortress.exe
File size: 74'630'730 bytes
SHA256 hash: 555d0020f21f464dbf6e2a43ed8c0cfc024a189953d19e712a65d61dc224dab5
MD5 hash: 84657efa0b64174db53c6f690ee1130e
MIME type: application/x-dosexec

File name: Error Fix.txt
File size: 36 bytes
SHA256 hash: caab24be00286f5ca9e0d8e37b87b835a4bb35dcfb7c6c7682dc18d667829e2f
MD5 hash: 9a46868d40ddee07f80d4f457c328243
MIME type: text/plain

Vendor Threat Intelligence
Verdict: Suspicious
Threat level: 5/10
Confidence: 100%
Tags: control installer lolbin overlay packed shell32
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download: zip 53ee6332f7d557bbc438fbce2d121700ec1fdd229016a98b4e1138059b0f9035 (this sample)
Dropping: BbyStealer
Delivery method: Distributed via web download
