MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5e54bccbd4d93447e79cda0558b0b308a186c2be571c739e5460a3cb6ef665c0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Lazarus


Vendor detections: 3



SHA256 hash: 5e54bccbd4d93447e79cda0558b0b308a186c2be571c739e5460a3cb6ef665c0
SHA3-384 hash: b49714c6ffd9ceb1ba663f76424856f0f99c91f1689b404cd5fe377663edf23cdd9657177135b8169f5c7eb2acbb928b
SHA1 hash: 53aa0971eb5d53ed242764ebfc89ad591a5211b2
MD5 hash: aeee54a81032a6321a39566f96c822f5
humanhash: alaska-winter-yellow-idaho
File name: aeee54a81032a6321a39566f96c822f5
Signature: Lazarus
File size: 50'320 bytes
First seen: 2021-02-18 01:21:33 UTC
Last seen: Never
File type: php macho
MIME type: application/x-mach-binary
ssdeep: 768:A4yOeE/pwi8Aea02PG2mG1oAK+g7mj78yfgum0+mifm:GOeE/pwFs02pvg7mj7bfgum0hi
TLSH: 4D33E6925B588506FC1040B1579A8373EB31FD155A72D68FB3AAD6382EF13E06B8B11F
Reporter: c3rb3ru5d3d53c2
Tags: Lazarus signed

Code Signing Certificate

Organisation: CELAS LLC
Issuer: COMODO RSA Code Signing CA
Algorithm: sha256WithRSAEncryption
Valid from: 2018-05-21T00:00:00Z
Valid to: 2019-05-21T23:59:59Z
Serial number: 9a73550b8376863bd9430faa8b5a2987
Intelligence: 5 malware samples on MalwareBazaar are signed with this code signing certificate
MalwareBazaar Blocklist: This certificate is on the MalwareBazaar code signing certificate blocklist (CSCB)
Thumbprint Algorithm: SHA256
Thumbprint: 37d6e78b70b0c4abce2e5ad9f14e6604ce136bb117710ce98c056b593b10ad28
Source: This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence


File Origin

# of uploads: 1
# of downloads: 138
Origin country: n/a

Vendor Threat Intelligence

Threat name: MacOS.Backdoor.AppleJeus
Status: Malicious
First seen: 2018-08-14 11:38:18 UTC
File Type: MachO64 Little (Exe)
AV detection: 28 of 48 (58.33%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other

Comments