MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 5bb5f84071d0caa80fdf283d990b37c4a796e97e12f37e4f0a875e3f7a738877. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Threat unknown
Vendor detections: 4
| SHA256 hash: | 5bb5f84071d0caa80fdf283d990b37c4a796e97e12f37e4f0a875e3f7a738877 |
|---|---|
| SHA3-384 hash: | 891980035691878924f4dbb0a2b13e2939438cdc35b2ccf84d804a25072833dd9c222311a105932a5b7df5aa513c3786 |
| SHA1 hash: | 5acfe2e32094ff29b430093d539445c7450ef766 |
| MD5 hash: | a8d635052232a192b45faff474629ae8 |
| humanhash: | muppet-one-lamp-bravo |
| File name: | a869e0d5d20598fffe1c21c9bf27d060 |
| File size: | 212'992 bytes |
| First seen: | 2020-11-17 15:44:16 UTC |
| Last seen: | Never |
| File type: | |
| MIME type: | application/x-dosexec |
| imphash | 03ae0108c7455c49c94d2d60afa1e57a (1 x Worm.Ramnit) |
| ssdeep | 3072:gW9CO41zW5pZJ5p50uvq2WKW9FYx+ziSaGdjrszMYeCoZ398S4pLthEjQT6j:giyz+vqftY8TaAHsQYepZ3SSkEj1 |
| Threatray | 187 similar samples on MalwareBazaar |
| TLSH | 33248E197569C416E0A742744CCACB3C2D79BCA17791CB6F3E48B38D28B1398CAB6753 |
| Reporter |
Intelligence
File Origin
Number of uploads: 1
Number of downloads: 62
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:
Behaviour
Sending a UDP request
Creating a window
Creating a file in the Windows subdirectories
Running batch commands
Creating a process with a hidden window
Launching the default Windows debugger (dwwin.exe)
Creating a process from a recently created file
Creating a file in the Windows directory
Result
Verdict:
MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name:
Win32.Trojan.Aenjaris
Status:
Malicious
First seen:
2020-11-17 15:54:11 UTC
AV detection:
27 of 29 (93.10%)
Threat level:
5/5
Verdict:
unknown
Similar samples:
+ 177 additional samples on MalwareBazaar
Unpacked files
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Delivery method
Other