MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 65c00da8c7eefef721d7f58f9c998d2469dc830522121a683ddd92112a5da37f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 65c00da8c7eefef721d7f58f9c998d2469dc830522121a683ddd92112a5da37f
SHA3-384 hash: 58b7c036afb3f8bf31ac98ac43181eeb20e09ef99b5938348ae0bff2845589133f3300e0eebec65d2cc2b9dac862d3b2
SHA1 hash: 806f84ee1857af6aeed07e8d0b1d4c6f336335f8
MD5 hash: 254beb24f2a25da032861f3d2508f765
humanhash: cardinal-cardinal-kilo-six
File name:254beb24f2a25da032861f3d2508f765.exe
Download: download sample
File size:610'816 bytes
First seen:2020-07-01 05:13:19 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 6739efd83d71232bc1758a1dfae953a1
ssdeep 12288:9MLwtOj3YUwe4zpBLWalkY+YZu70/K+6Stakkamrxww/+TWsWbgqU:WLsOjdwNrLWs9+Y47CdtLbdw/+CsigqU
TLSH 56D4121333C1E071D02B2D70B905FAB8EA7F7C715A15918377900BBE7E31BE1AA5A586
Reporter abuse_ch
Tags:exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
80
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/17541/
Detection(s):
SecuriteInfo.com.Malware.PDB-11.UNOFFICIAL
Create hunting rule

PUA.Win.Downloader.Aiis-6803892-0
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/65c00da8c7eefef721d7f58f9c998d2469dc830522121a683ddd92112a5da37f/
Threat name:
Win32.Trojan.DanaBot
Create hunting rule
Status:
Malicious
First seen:
2020-07-01 05:15:07 UTC
AV detection:
25 of 29 (86.21%)
Threat level:
  5/5
Verdict:
unknown
Result
Malware family:
n/a
Score:
  6/10
Tags:
n/a
Link:
https://tria.ge/reports/200701-pqy1ttbka6/
Behaviour
Checks processor information in registry
Legitimate hosting services abused for malware hosting/C2
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe 65c00da8c7eefef721d7f58f9c998d2469dc830522121a683ddd92112a5da37f

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/401434/
  
Delivery method
Distributed via web download
Cape
Cape
https://www.capesandbox.com/analysis/17541/

Comments