MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 582e6c2f0efae023abdac592f802ff5330b95eb4f66cdcad52f73b04e67cad57. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 582e6c2f0efae023abdac592f802ff5330b95eb4f66cdcad52f73b04e67cad57
SHA3-384 hash: 1f9b45560ba2a863f326d65c527de466dcfdca2f15da0a105bf5f5936288375e96bf1520f39b91ddb7ca42499af567bc
SHA1 hash: 2e7c8593aae7751c3d465f7fbac375f78010a973
MD5 hash: ab44ae38da6c997178564adfea552dff
humanhash: alanine-kentucky-mexico-wyoming
File name:582e6c2f0efae023abdac592f802ff5330b95eb4f66cdcad52f73b04e67cad57
Download: download sample
File size:1'149'884 bytes
First seen:2020-06-03 08:57:46 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash bc5ce990cf54f8d435a68eb97512f73e (1 x RemcosRAT, 1 x NetSupport)
ssdeep 24576:ydc0Ki4M5WmyjU0XyY5ZYjr8aB91lmsc1WpIPsjo9tBWNoqNDNx5D+:ydd4M5WmyjU0N5yEO9q1RxjBW6cDNfy
Threatray 8 similar samples on MalwareBazaar
TLSH B435231CB68690F7D4401630B86877B2B43EEF213A21995BB3A9BD5E6C7C2E0F8550F5
Reporter raashidbhatt
Tags:exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
56
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
PUA.Win.Packer.RarSfxModificat-1
Create hunting rule

Win.Trojan.Hupigon-10525
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Chifrax
Create hunting rule
Status:
Malicious
First seen:
2020-06-04 00:37:00 UTC
AV detection:
25 of 31 (80.65%)
Threat level:
  5/5
Verdict:
unknown
Similar samples:
011edb4bb98378dd1b4e36767bc25fbf11f3a1b2b29481bc087d8d23b21dbc9a
2724b91c1bc89c7b25a91efd5e2da4455efc769600fc7735715582ba12201085
2ae5302a997467e32d4822fbf756f9355d0474facb9cc70dc65eaa382f055e08
44cc7f6c2b664f15b499c7d07c78c110861d2cc82787ddaad28a5af8efc3daac
774a97563c60e46925ccf05e5ee779f43c48f51492d2d370adb04540ca60ac86
805ed0046522a49d4c614ab04a364a1da3f583d5daae5380163fbe5b0513f872
aba41a97618a408afa8b836d18ede9783c48d24be49b085688d88f4bab8f08b0
f7ca26d121ee9ccd739a78656ce737c0c48e0d1c6cca667da547fa2bd3c6c80e
Result
Malware family:
n/a
Score:
  4/10
Tags:
n/a
Link:
https://tria.ge/reports/201109-mxfjzemsvs/
Behaviour
Suspicious behavior: GetForegroundWindowSpam
Drops file in Program Files directory
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments