MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6528c7c514e9309db9ae4cc57daadef585d47fd338e0084d1f297cab2b95b633. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 3 Yara Comments

SHA256 hash: 6528c7c514e9309db9ae4cc57daadef585d47fd338e0084d1f297cab2b95b633
SHA1 hash: 9564ecf7b2bf4aae142f90135fce9f6b06b19a85
MD5 hash: 6aa88e7fb4926a20ebed56da13ab1f53
File name:shipping docusments.bat
Download: download sample
Signature GuLoader
File size:94'208 bytes
First seen:2020-05-22 14:34:02 UTC
Last seen:2020-05-22 15:48:46 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash e962f8212a952da5e058314d60017983
ssdeep 768:BwvgMB9Qt8NOP6fXNws/McMcGw8kuFect11lkDWtJZAMB1L8z3DjQ:Wfst8Ntus/McMcGvkuFeWaMfUHQ
TLSH 46930831B558DC62CD280FF19A76CAE41126FD713CC04A4B79DA7B2E2A3254D98727C7
Reporter @jarumlus


Mail intelligence
Trap location Impact
CH Switzerland Low
Global Low
# of uploads 2
# of downloads 24
Origin country US US
ClamAV PUA.Win.Packer.ProtectSharewar-2
VirusTotal:Virustotal results 15.28%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



Executable exe 6528c7c514e9309db9ae4cc57daadef585d47fd338e0084d1f297cab2b95b633

(this sample)

Delivery method
Distributed via e-mail attachment