MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5d6a329f9cdca67ac1c48c34e882366992e0465941f0a9e3856f441f297109c3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Signature: Adware.Generic
Vendor detections: 3

SHA256 hash: 5d6a329f9cdca67ac1c48c34e882366992e0465941f0a9e3856f441f297109c3
SHA3-384 hash: 869416f5a134c4bbfdc0181a1abc135ef1df73cf90767005e4aef489f9a8704e0449e788b0a88f8353fa405691452d80
SHA1 hash: af05b557f14aef220c835545f64b5c41ce901bd7
MD5 hash: ccac5721435c990d64433b9827f5d5e2
humanhash: apart-mexico-music-cat
File name: 5d6a329f9cdca67ac1c48c34e882366992e0465941f0a9e3856f441f297109c3
Signature: Adware.Generic
File size: 4'000'025 bytes
First seen: 2020-11-07 19:00:44 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 7fa974366048f9c551ef45714595665e (946 x Formbook, 398 x Loki, 261 x AgentTesla)
ssdeep: 49152:5rKgjTOlrx0bgMt9IGicYM3BPMw+TlQWZR+yj62RNpCcQRhnM3YD8tIYG7jgXEuj:5rjSV3Mnr3evP3AdqY4GFkXEsOF47
Threatray: 1 similar samples on MalwareBazaar
TLSH: 1D063352ECA5CC9AF36BA57111AD0629E5A9CDDDF38084F72B083F9790A5E3BD30D406
Reporter: seifreed
Tags: Adware.Generic

Intelligence

File Origin
# of uploads: 1
# of downloads: 79
Origin country: n/a

Vendor Threat Intelligence

Result
Verdict: Malware
Maliciousness:

Behaviour
Sending a UDP request
Creating a window

Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Gathering data

Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious behavior: GetForegroundWindowSpam

Please note that we are no longer able to provide a coverage score for VirusTotal.

File information

The table below shows additional information about this malware sample, such as delivery method and external references.

Delivery method: Other

Comments