MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7057d3a37ba472e8991a2b77c92b1d3bcc485e84f5e6a3a88ebf90092148b00a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 7057d3a37ba472e8991a2b77c92b1d3bcc485e84f5e6a3a88ebf90092148b00a
SHA3-384 hash: 89b99bf546740fcd98a9ce6868d5357ab46dfa057547423a85174d7ae477b620d46e6054cd66bf35dc335cabf3ed2f85
SHA1 hash: 7e7b904e563716afbe68fcf71295bd956d10e5a5
MD5 hash: 4529343767bbeaaecabcd514ca7ef405
humanhash: batman-bulldog-fish-lithium
File name:4529343767bbeaaecabcd514ca7ef405.exe
Download: download sample
File size:2'963'614 bytes
First seen:2022-02-12 07:45:23 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
ssdeep 49152:i0PsUoH2JPHOtEvbfmCTTFRTWAea0z07zzlpI5TibdBdpbICAEs6I+p930zB8d9d:dF+cPHOsfmaDh3Y0nE+dxbICAEVI+PkC
TLSH T18AD53329B19183EDCFBD0D7C9918801C3616ACB9869294D5BF79B0E03A452703BF77B9
Reporter abuse_ch
Tags:exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
251
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/241056/
Detection(s):
Win.Malware.Filerepmalware-9918804-0
Create hunting rule

Result
Verdict:
Malware
Maliciousness:

Behaviour
Searching for synchronization primitives
Launching the default Windows debugger (dwwin.exe)
DNS request
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
overlay packed
Link:
https://www.filescan.io/uploads/620765be45ddfa2e18c2fbdc/reports/691411dc-4130-4353-953b-2681b64b9813/overview
Result
Verdict:
MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Verdict:
Malicious
Link:
https://analyze.intezer.com/analyses/683ab0fd-c5bf-417c-933d-3380ce590a72
Result
Threat name:
Unknown
Detection:
malicious
Classification:
n/a
Score:
56 / 100
Link:
https://www.joesandbox.com/analysis/938707
Signature
Machine Learning detection for sample
Multi AV Scanner detection for submitted file
PE file has nameless sections
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/7057d3a37ba472e8991a2b77c92b1d3bcc485e84f5e6a3a88ebf90092148b00a/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2022-02-12 07:46:15 UTC
File Type:
PE (Exe)
AV detection:
15 of 28 (53.57%)
Threat level:
  5/5
Verdict:
malicious
Result
Malware family:
n/a
Score:
  10/10
Tags:
n/a
Link:
https://tria.ge/reports/220212-jlzhzsbcdp/
Behaviour
Checks processor information in registry
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Program crash
Drops file in Windows directory
Suspicious use of NtCreateProcessExOtherParentProcess
Unpacked files
SH256 hash:
d6773f2c78839951bd608eb0ba31a29803365ffb94c247e30893ab486fc7985d
MD5 hash:
0d16752a7f51bf477f8fcd5866539448
SHA1 hash:
014d215290829aa50b65fd094746097194092caf
Link:
https://www.unpac.me/results/d0a4b001-a815-4f40-90cd-1760a39a7563/
SH256 hash:
7057d3a37ba472e8991a2b77c92b1d3bcc485e84f5e6a3a88ebf90092148b00a
MD5 hash:
4529343767bbeaaecabcd514ca7ef405
SHA1 hash:
7e7b904e563716afbe68fcf71295bd956d10e5a5
Link:
https://www.unpac.me/results/d0a4b001-a815-4f40-90cd-1760a39a7563/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe 7057d3a37ba472e8991a2b77c92b1d3bcc485e84f5e6a3a88ebf90092148b00a

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/1942361/
  
Delivery method
Distributed via web download
Cape
Cape
https://www.capesandbox.com/analysis/241056/

Comments