MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 56bdc647e59ea60598232261bc6d61eb11c0cd79de5567e571972879307157fd. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: 56bdc647e59ea60598232261bc6d61eb11c0cd79de5567e571972879307157fd
SHA3-384 hash: 10de92127b2afd704f00671d552fd8a203ed7ec536e69f55cd5aa35ec83f3da6ec5be503f55b1589a64998a9a47333e1
SHA1 hash: b98e8078a3fd53bef7b1111876b793aed0b6e251
MD5 hash: b9c2d005d2619f1122f5032b84a1d2bf
humanhash: potato-oklahoma-juliet-helium
File name: Dridex.ps1
File size: 3'790 bytes
First seen: 2020-09-29 14:16:41 UTC
Last seen: Never
File type: PowerShell (PS) ps1
MIME type: text/plain
ssdeep: 96:p+aiyyeT4iRiFYH9RDut/YYXlYRhaRzwx6Rh1G:pQdiRioPuiKkhaRDh1G
TLSH: 65711BF2AE36EAC416D770E90FD3398D21505A23466C96F8930D08D7562C606EF1B7F8
Reporter: JAMESWT_WT
Tags: Dridex ps1

Intelligence


File Origin
# of uploads: 1
# of downloads: 265
Origin country: n/a
Vendor Threat Intelligence
Threat name: Script-PowerShell.Trojan.Powdow
Status: Malicious
First seen: 2020-09-29 13:38:31 UTC
File Type: Text
AV detection: 9 of 29 (31.03%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
