MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 72334de49f7a0867ad3120d37b68423708dffed3d331055d1e2912922abd06df. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 72334de49f7a0867ad3120d37b68423708dffed3d331055d1e2912922abd06df
SHA3-384 hash: 12430cd33e4b5f27fa7dd270246d1be23855b79f3fb70b837e0d40cbab1808f78a3b6757a6f17d2388dc31583baf058e
SHA1 hash: 9d730d82f4c8d405469c2068c17575dccff4079a
MD5 hash: 66dfa29df61a06ece1fb1d6cbabead61
humanhash: illinois-arkansas-equal-wolfram
File name: 66dfa29df61a06ece1fb1d6cbabead61.exe
File size: 232'814 bytes
First seen: 2020-10-30 15:27:40 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 77d961bdea349d0617b02512436a4b26 (1 x RedLineStealer)
ssdeep: 1536:zzPMX5ur67HSuYrcq1tQvZgXHnIHxfsWrZH7AkxtNQNzvEI5o46XGFijifOTIzxM:3kNHfEQR15HszN5oDXGFi+fXWXcw
TLSH: 6734CE217691C073C48664318464C7B55ABA74315BB5DDCB77A80BBE6F202C263BF38E
Reporter: abuse_ch
Tags: exe

Intelligence


File Origin
# of uploads: 1
# of downloads: 77
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Clean
Maliciousness:
Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Result
Threat name: Unknown
Detection: malicious
Classification: n/a
Score: 52 / 100
Signature
Machine Learning detection for sample
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Threat name: Win32.Trojan.Glupteba
Status: Malicious
First seen: 2020-10-29 17:38:35 UTC
AV detection: 19 of 29 (65.52%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe 72334de49f7a0867ad3120d37b68423708dffed3d331055d1e2912922abd06df (this sample)

Delivery method: Distributed via web download
