MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6593092dd29831d80d5fff05c7807fc3f327b62340560f55df53d115656a0aad. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



IcedID


Vendor detections: 5



SHA256 hash: 6593092dd29831d80d5fff05c7807fc3f327b62340560f55df53d115656a0aad
SHA3-384 hash: 369707299f3f907c2f917ef0b99014081489d11c8331d60090b9cea4d47beeca701aa7b8e1deffb7ec57120eeeeb494c
SHA1 hash: e2bc410a6ac9757738572eb1655d7c7a03238a3b
MD5 hash: 6fd27289e8140e5f866232d066bb2314
humanhash: kilo-georgia-august-timing
File name: document.zip
Signature: IcedID
File size: 221'244 bytes
First seen: 2022-06-24 08:11:24 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 3072:0LfRu0SwWu/0pKKznILgYFncyDe6b06uE8/gHfF/+sWViJRyLcj:Wc0Su/oKUILg6nc11VEhHfF/+mJRywj
TLSH: T1292402397968C6C2EB2C49BD070527A9BF3931447DA1962C52F7C5A3F14EA3D2E02CD2
TrID: 80.0% (.ZIP) ZIP compressed archive (4000/1); 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter: proxylife
Tags: IcedID, zip

Intelligence


File Origin
# of uploads: 1
# of downloads: 188
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.IcedID
Status: Malicious
First seen: 2022-06-24 08:12:05 UTC
File Type: Binary (Archive)
Extracted files: 1
AV detection: 4 of 40 (10.00%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for VirusTotal.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
