MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 707025aabf49be938c24b5b6614d2008b928ff596fb405d7be2338b1cf1ae04d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Adware.ExtenBro


Vendor detections: 3



SHA256 hash: 707025aabf49be938c24b5b6614d2008b928ff596fb405d7be2338b1cf1ae04d
SHA3-384 hash: e267009fb7aed76b0bdad4b8b52e1eb12ca2ad80ff044bd83a26f907fee3f84ab7b9135850166664b1cbe1b8123bea04
SHA1 hash: 54e3bedd0f5b1457c66cead57277c1186e59ab27
MD5 hash: 4d15601e3441ef948b834bdbf9c72c2a
humanhash: glucose-pip-emma-juliet
File name: SecuriteInfo.com.W32.Backdoor.TXLK-8101.26399
Signature: Adware.ExtenBro
File size: 3'870'599 bytes
First seen: 2020-06-19 14:43:36 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 884310b1928934402ea6fec1dbd3cf5e (3'725 x GCleaner, 3'447 x Socks5Systemz, 262 x RaccoonStealer)
ssdeep: 49152:U2H5Tru7FuG8c7QjVmfRjSnYQo32jcDA0H3Fy2Imw+lSURVDhp3aeBgiWpcmuQrO:5A7s5LmfpQYQIA0H1ydoEpRfyek
Threatray: 116 similar samples on MalwareBazaar
TLSH: A3063348B686687DDBA1857D8491819647137C343DA0DA2BBA37BFCF8A3F0636C5076C
Reporter: SecuriteInfoCom
Tags: Adware.ExtenBro

Intelligence


File Origin
# of uploads: 1
# of downloads: 126
Origin country: n/a
Vendor Threat Intelligence
Result
Malware family: n/a
Score: 8/10
Tags: n/a
Behaviour
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of WriteProcessMemory
Loads dropped DLL
Executes dropped EXE
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
