MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6d29aa2dae14893bc07f45bc71f6db450fd7e605c780b7a71753417508c0a661. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 6d29aa2dae14893bc07f45bc71f6db450fd7e605c780b7a71753417508c0a661
SHA3-384 hash: 18370169bf6c35b9655be7d1143d20c936870748b75a16134f9cf522bd9c0f60e23930b186533c4463e9f96ae2eb7adc
SHA1 hash: 54953af158ad813c5babdaef03577b7b12ed32bd
MD5 hash: bbbcacf4af0ad9c0608cc555aabcfe43
humanhash: snake-hotel-juliet-magazine
File name: a9037daa9905b278156457e18ede7506
File size: 385'026 bytes
First seen: 2020-11-17 15:45:02 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: b71ae52e8715ee7bfaa0c9df227db54a
ssdeep: 6144:FZZzetQ1ESx5xtSFRVf0W7cyqCxSngmMBqfycuPbUl0i5cD5J6U:tzetQ1ESp4DJ0npM4dl0v5JF
Threatray: 91 similar samples on MalwareBazaar
TLSH: 1C84CF91F2AC5CD5CDFEB3334539BA25B782981BDA64A04F756CA3063453C7B85BB220
Reporter: seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 60
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Sending a UDP request
Launching the default Windows debugger (dwwin.exe)
Replacing executable files
Creating a window
Moving of the original file
Deleting of the original file
Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name: Win32.Trojan.Glupteba
Status: Malicious
First seen: 2020-11-17 15:54:32 UTC
AV detection: 26 of 29 (89.66%)
Threat level: 5/5
Unpacked files
Please note that we are no longer able to provide a coverage score for VirusTotal.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments