MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 6ee93b75c05452fee0a477d298d406843fb635bc9512a176dd375d2ad29cd57a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Threat unknown
Vendor detections: 2
| SHA256 hash: | 6ee93b75c05452fee0a477d298d406843fb635bc9512a176dd375d2ad29cd57a |
|---|---|
| SHA3-384 hash: | 092b48bd87053295e281063097aee63fcec5f9f9a0de6de1d7499c5996c98673ea22b2ad6ddd60858b89df463d4ad64b |
| SHA1 hash: | 0c149b32cb4e54d3bf21ca56acf91bac47641960 |
| MD5 hash: | d717d701de9f23215d57f2dd44371c3c |
| humanhash: | washington-dakota-friend-london |
| File name: | SecuriteInfo.com.BScope.Trojan.Agentb.14333 |
| Download: | download sample |
| File size: | 3'072 bytes |
| First seen: | 2020-04-16 21:35:51 UTC |
| Last seen: | Never |
| File type: |  dll |
| MIME type: | application/x-dosexec |
| imphash | 5fc6808db522625a105f7994fc931cd7 |
| ssdeep | 12:eFGSGuWy8NyR44nTrllU2lsQEXVl5BwFRDiOEG6U4gTvMv7vZxdtV:eFGSv344n3/ABXVeRDth6U4aUvbZxdt |
| TLSH | D951EF379B9122B3D0080BB616E79027B4F7A47027E28402CAC1991C7512360EEBDF0B |
| Reporter |  SecuriteInfoCom |
Intelligence
File Origin
# of uploads :
1
# of downloads :
77
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Gathering data
Threat name:
Win32.Trojan.Bscope
Status:
Suspicious
First seen:
2017-08-22 11:48:07 UTC
File Type:
PE (Dll)
AV detection:
3 of 31 (9.68%)
Threat level:
5/5
Verdict:
unknown
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Web download
dll 6ee93b75c05452fee0a477d298d406843fb635bc9512a176dd375d2ad29cd57a
(this sample)
Delivery method
Distributed via web download
BLint
The following table provides more information about this file using BLint. BLint is a Binary Linter to check the security properties, and capabilities in executables.
Findings
| ID | Title | Severity |
|---|---|---|
| CHECK_AUTHENTICODE | Missing Authenticode | high |
| CHECK_NX | Missing Non-Executable Memory Protection | critical |
| CHECK_PIE | Missing Position-Independent Executable (PIE) Protection | high |
Reviews
| ID | Capabilities | Evidence |
|---|---|---|
| WIN_BASE_EXEC_API | Can Execute other programs | KERNEL32.dll::WinExec |
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.