MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6edb794a9f28cbd60dcb9fefc0e145f64c9e623b3df235a4a907ca948fd1edb9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SHA256 hash: 6edb794a9f28cbd60dcb9fefc0e145f64c9e623b3df235a4a907ca948fd1edb9
SHA3-384 hash: 4299cf3a4b37cea993b12baf7a69dd5d302d17ee4429c08f912758a6f3f7979bcd4ba273c8b5cc80881233c04016ddc3
SHA1 hash: 39d86228750d1eebdb78f60b03c3b638acf72d34
MD5 hash: 618a1e3551560b86454450f3ea580029
humanhash: connecticut-ceiling-stream-wyoming
File name: 618a1e3551560b86454450f3ea580029.exe
Signature: n/a
File size: 598'016 bytes
First seen: 2020-06-30 12:04:41 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: b95bd93e7d976a746434add8b2c20d20
ssdeep: 6144:xtG+hqIcBrwg+Kc8R52HQCL8cvYgkaL4rxMLarbohOOJtWTzbIBvWv5UidT:x8+7c/+DAAHQCLxCK2ohOQWTAuZ
TLSH: D9D49F8AB9A390F7C63416B24BAB6735AA758E011B15CFC35378DE3E1D32580D93713A
Reporter: @abuse_ch


Mail intelligence: No data
# of uploads: 1
# of downloads: 23
Origin country: US
CAPE Sandbox Detection: n/a
ClamAV: Win.Malware.Zusy-6840460-0
CERT.PL MWDB Detection: n/a
ReversingLabs: Status: Malicious
Threat name: Win32.Trojan.Vigua
First seen: 2020-06-30 12:06:06 UTC
AV detection: 32 of 48 (66.67%)
Threat level: 2/5
Hatching Triage Score: 10/10
Malware Family: n/a
Tags: persistence evasion miner
VirusTotal: VirusTotal results 47.95%

Yara Signatures

Rule name: CN_Honker_WordpressScanner
Author: Florian Roth
Description: Sample from CN Honker Pentest Toolset - file WordpressScanner.exe
Reference: Disclosed CN Honker Pentest Toolset

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe 6edb794a9f28cbd60dcb9fefc0e145f64c9e623b3df235a4a907ca948fd1edb9 (this sample)

Delivery method: Distributed via web download