MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 622a533829e63ba80fd3952f0381caace464a284a61a6da36f14e378a37a9749. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 10


Intelligence 10 IOCs YARA 4 File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 622a533829e63ba80fd3952f0381caace464a284a61a6da36f14e378a37a9749
SHA3-384 hash: 31a33ed7307e352240c6e48921fb6095e5b88949b7b1aa49f761db13c4412b5b416e266e864e15ee7d7ec8ee617dccb5
SHA1 hash: 9b77478afceceee3d7e9e8c4866e09bd5f46b693
MD5 hash: ca57416e7f75f7a46ff2750dd9113896
humanhash: magazine-mango-steak-uniform
File name:SecuriteInfo.com.Win64.MalwareX-gen.29527.32026
Download: download sample
File size:346'624 bytes
First seen:2025-06-12 16:29:20 UTC
Last seen:2025-06-12 18:19:06 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 684f0eb02a26b1baed9dbf2af8362874
ssdeep 6144:tgX/C2LFZPpecm1UEm3CZiYBjMfr3ohez3tPe:12ZZAcWmSZiYa3o
TLSH T1FB744C0AB6A510F1D4B7C138C563661EFAB17865437097DB67A04B5B2F33BE0A93EB40
TrID 44.4% (.EXE) Win64 Executable (generic) (10522/11/4)
21.3% (.EXE) Win16 NE executable (generic) (5038/12/1)
8.7% (.ICL) Windows Icons Library (generic) (2059/9)
8.5% (.EXE) OS/2 Executable (generic) (2029/13)
8.4% (.EXE) Generic Win/DOS Executable (2002/3)
Magika pebin
Reporter SecuriteInfoCom
Tags:exe

Intelligence

File Origin
# of uploads :
3
# of downloads :
499
Origin country :
FR FR
Vendor Threat Intelligence
Malware family:
n/a
ID:
1
File name:
SecuriteInfo.com.Win64.MalwareX-gen.29527.32026
Verdict:
No threats detected
Analysis date:
2025-06-12 16:42:43 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/3ffef558-b9fe-44bf-97cd-faf11d3fdb7c

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/9187/
Verdict:
Malicious
Score:
99.1%
Link:
https://cyber-fortress.com/docs/result/index.php?id=684b02bc8bd5d68a12e83d36
Tags:
malware
Result
Verdict:
Clean
Maliciousness:

Behaviour
Searching for the window
Verdict:
Malicious
Labled as:
Trojan.Generic
Link:
https://www.hybrid-analysis.com/sample/622a533829e63ba80fd3952f0381caace464a284a61a6da36f14e378a37a9749
Malware family:
Generic Malware
Create hunting rule
Verdict:
Malicious
Link:
https://analyze.intezer.com/analyses/ba54aec1-7dbc-4798-9ef6-1d31359f6f09
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1713495
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1713495 Sample: SecuriteInfo.com.Win64.Malw... Startdate: 12/06/2025 Architecture: WINDOWS Score: 48 19 Multi AV Scanner detection for submitted file 2->19 7 loaddll64.exe 1 2->7         started        process3 process4 9 cmd.exe 1 7->9         started        11 conhost.exe 7->11         started        13 rundll32.exe 7->13         started        15 rundll32.exe 7->15         started        process5 17 rundll32.exe 9->17         started       
Score:
92%
Verdict:
Malware
File Type:
PE
Link:
https://malprob.io/report/622a533829e63ba80fd3952f0381caace464a284a61a6da36f14e378a37a9749
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/622a533829e63ba80fd3952f0381caace464a284a61a6da36f14e378a37a9749/
Threat name:
Win64.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2025-05-24 18:20:35 UTC
File Type:
PE+ (Dll)
AV detection:
18 of 38 (47.37%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=mivfgobj4y52qd6tsuxqhaokvtsgjiueuyng3i3pctrxri32s5eq._file
Result
Malware family:
n/a
Score:
  3/10
Tags:
n/a
Link:
https://tria.ge/reports/250612-t15cwsxky7/
Verdict:
Malicious
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/21d0b792-ca3d-4552-9c10-b45111ab094a
Unpacked files
SH256 hash:
622a533829e63ba80fd3952f0381caace464a284a61a6da36f14e378a37a9749
MD5 hash:
ca57416e7f75f7a46ff2750dd9113896
SHA1 hash:
9b77478afceceee3d7e9e8c4866e09bd5f46b693
Link:
https://www.unpac.me/results/5730d8ca-4e06-48ad-8f6f-437603105d08/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/622a533829e63ba80fd3952f0381caace464a284a61a6da36f14e378a37a9749

YARA Signatures

MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name:cobalt_strike_tmp01925d3f
Create hunting rule
Author:The DFIR Report
Description:files - file ~tmp01925d3f.exe
Reference:https://thedfirreport.com
Rule name:DebuggerCheck__API
Create hunting rule
Reference:https://github.com/naxonez/yaraRules/blob/master/AntiDebugging.yara
Rule name:golang_bin_JCorn_CSC846
Create hunting rule
Author:Justin Cornwell
Description:CSC-846 Golang detection ruleset
Rule name:pe_detect_tls_callbacks
Create hunting rule

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe 622a533829e63ba80fd3952f0381caace464a284a61a6da36f14e378a37a9749

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3561483/
  
Delivery method
Distributed via web download
Cape
Cape
https://www.capesandbox.com/analysis/9187/

Comments