MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 58798e9d38739365875c8ec7b8cba0ef003e033b6d6026212adb8856997c0cdf. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


NovaSentinel


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 58798e9d38739365875c8ec7b8cba0ef003e033b6d6026212adb8856997c0cdf
SHA3-384 hash: c5ae84122e336773ad3ad2b2cb3ebf9a5e9ccc7e9cf8099761d95c3eaa2a8139db3d53f0eb581aca7fc699d8dcc9eacd
SHA1 hash: 1fdf8bbab7568dd460dd3339e14eb832d7623377
MD5 hash: 590ea72f6e199562ede5c47e283e8696
humanhash: mobile-pennsylvania-aspen-bluebird
File name:Mauqes.rar
Download: download sample
Signature NovaSentinel
Create hunting rule
File size:85'543'544 bytes
First seen:2024-03-29 19:13:09 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
Note:This file is a password protected archive. The password is: beta_EKhZFa
ssdeep 1572864:uRwhMErcxG+o0ff12SkUleJ1k2t8fAtMctYCy6B/3hcz+QtrGDQFEOUQlytz8MAM:uwhMscxG+Tff1nkh1k28gx/RcSq5FCQw
TLSH T1D9183339105F2D4EDB37E03211424D14B98C3FDA775B3A584B2A1530A96DEC66BCEBCA
TrID 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Reporter e24111111111111
Tags:gamerforyou.com NovaSentinel pw-beta_EKhZFa rar


Avatar
e24111111154168
Distributed via: www.gamerforyou.com
NovaSentinel C2: hawkish.fr

Intelligence

File Origin
# of uploads :
1
# of downloads :
103
Origin country :
GR GR
File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:Mauqes.exe
File size:85'404'275 bytes
SHA256 hash: fd666a1b146ce9fcbf06035ba68eeda23c76e81fd6c532b9dd84c7132fca776d
MD5 hash: f31948e0367b673f931f128e540609e4
MIME type:application/x-dosexec
Signature NovaSentinel
Vendor Threat Intelligence
Gathering data
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/58798e9d38739365875c8ec7b8cba0ef003e033b6d6026212adb8856997c0cdf
Result
Verdict:
MALICIOUS
Gathering data
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=lb4y5hjyoojwlb24r3d3rs5a54ad4az3nvqcmijk3oefngl4btpq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

NovaSentinel

rar 58798e9d38739365875c8ec7b8cba0ef003e033b6d6026212adb8856997c0cdf

(this sample)

NovaSentinel

Executable exe fd666a1b146ce9fcbf06035ba68eeda23c76e81fd6c532b9dd84c7132fca776d

  
Dropping
SHA256 fd666a1b146ce9fcbf06035ba68eeda23c76e81fd6c532b9dd84c7132fca776d
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/2796287/

Comments