MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5c10434a065e4811c0446b8dab00f21ee1fc03974dad7085cfcd2f58d115ec0f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 5c10434a065e4811c0446b8dab00f21ee1fc03974dad7085cfcd2f58d115ec0f
SHA3-384 hash: 35b4ed046d0a47b32d5c76de84d3a644adb64487d576f36b4330aa50e8268531eac7c56ee1efc3c47f83ad6b1292d062
SHA1 hash: 2e39ada74e581c69d2d4585aafb66c11218d81c1
MD5 hash: 4602542f145dccfb439460dab1f597fc
humanhash: fillet-charlie-nineteen-gee
File name: USIC 22 Updates.xlsx
File size: 20'054 bytes
First seen: 2022-10-07 08:39:17 UTC
Last seen: Never
File type: Excel file xlsx
MIME type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
ssdeep 384:wc313yltpXDqeynDQITMso2CSsMWBKBEKCWODgScK7ZLHEDCcfcmdL1d5Im3rE:wJlHXDa8Ig52CSn5/C9xZNLHSCckmdLw
TLSH T18D927C1C9A96FE94DF75F97DB13463F0A49418C65200B0EA8A6AF23D1F013E7168F2D9
TrID 60.1% (.XLSX) Excel Microsoft Office Open XML Format document (34000/1/7)
30.9% (.ZIP) Open Packaging Conventions container (17500/1/4)
7.0% (.ZIP) ZIP compressed archive (4000/1)
1.7% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter: cocaman
Tags: xlsx


cocaman
Malicious email (T1566.001)
From: ""Andrew C. Steinerman" <andrew.steinerman@jpmresearchmail.com>" (likely spoofed)
Received: "from srmz11.jpmchase.com (srmz11.jpmchase.com [159.53.81.156]) "
Date: "Thu, 6 Oct 2022 15:31:19 -0400 (EDT)"
Subject: "Kartik, **LIST ATTACHED** Our J.P. Morgan Ultimate Services
Investor Conference (USIC) | Thurs, Nov 17, 2022 | at JPM/NY |
PARTICIPATING COMPANIES ; final 1x1 deadline is TOMORROW/Friday Oct 7th"
Attachment: "USIC 22 Updates.xlsx"

Intelligence


File Origin
# of uploads: 1
# of downloads: 269
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Clean
Maliciousness:

Behaviour
Searching for the window
Creating a window
Creating synchronization primitives
Label: Benign
Suspicious Score: 2/10
Score Malicious: 3%
Score Benign: 97%
Result
Threat name: Unknown
Detection: clean
Classification: n/a
Score: 0 / 100
Behaviour
Behavior Graph: n/a
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Checks processor information in registry
Enumerates system info in registry
Modifies Internet Explorer settings
Modifies registry class
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SetWindowsHookEx
Verdict: Suspicious
Tags: n/a
YARA: n/a
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Excel file xlsx 5c10434a065e4811c0446b8dab00f21ee1fc03974dad7085cfcd2f58d115ec0f (this sample)

Delivery method: Distributed via e-mail attachment
