MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 72f7fac5b77136b21f02e924462e48d9d8554eb4bf75f23f1d435ad0917077bf. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Threat unknown
Vendor detections: 7
| SHA256 hash: | 72f7fac5b77136b21f02e924462e48d9d8554eb4bf75f23f1d435ad0917077bf |
|---|---|
| SHA3-384 hash: | 488a5971e81ba1ef0321dee7b60fa7923a28cbebcea323a809527f27304e0a70410224222eb53dccc4f38a6b15c62360 |
| SHA1 hash: | d0f6e6372d227240fde7f6a7310f5d5faa42bb7f |
| MD5 hash: | 1ef315231b18b21d625548a5ea780daf |
| humanhash: | wisconsin-cold-kentucky-yellow |
| File name: | 2021-22-FILES-MY1040-w2-IRS-letter-1099r.PDF.zip |
| File size: | 171'118 bytes |
| First seen: | 2023-03-14 11:33:54 UTC |
| Last seen: | Never |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 3072:Yg/YfBtV67yebkuBGRb06QkjN5JrocuewsnUYav67mXjv2st0uZN0:JQZv0nw+e3rocJFPav6KTZ0 |
| TLSH | T123F31298193014EACF7FAA2E6950651A70D848FC1D69274FDAC6B2B84DF7A0D736C0CC |
| TrID | 80.0% (.ZIP) ZIP compressed archive (4000/1) 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1) |
| Reporter | |
| Tags: | zip |
Intelligence
File Origin
# of uploads :
1
# of downloads :
122
Origin country :
IT
File Archive Information
This file archive contains 27 file(s), sorted by their relevance:
| File name: | MANIFEST.MF |
|---|---|
| File size: | 154 bytes |
| SHA256 hash: | 5e00f58034faac567c0a12d10a6ca16d353b14569bcb811492cb09c407ca26a7 |
| MD5 hash: | 63711d4f9205495553a4523ebd494c6d |
| MIME type: | text/plain |
| File name: | RsrcURLStreamHandler.class |
|---|---|
| File size: | 6'374 bytes |
| SHA256 hash: | a2d417236104f0284321c32a5a1fdb8ba5ec81d064a1dcb21fea5f078c38b23c |
| MD5 hash: | c773d35064eb4d7769abc63c193f1ac1 |
| MIME type: | application/x-java-applet |
| File name: | Main_Ransomware_Stub$2.class |
|---|---|
| File size: | 4'691 bytes |
| SHA256 hash: | 4ee75ce652d42e8d28ca99c42d8713b726b530b6c491c48134cabf90aa4bb2c1 |
| MD5 hash: | 535ae86bec6fb1fc5681a61d2e5e9b5e |
| MIME type: | application/x-java-applet |
| File name: | AdvancedEncryptionStandard.class |
|---|---|
| File size: | 5'638 bytes |
| SHA256 hash: | 5ee298080c3f524dedb774de3ca94cc32e4dad598331cbf6f563474df1b6d9d1 |
| MD5 hash: | 2314791776083d5a66e2286e0270dce5 |
| MIME type: | application/x-java-applet |
| File name: | MessageBox.class |
|---|---|
| File size: | 1'443 bytes |
| SHA256 hash: | 2fc7fafb27f22bd31d693bf84ec5233be1e0e387bdfae754dc73bd90c34088c9 |
| MD5 hash: | 9efabcabd411858da8cc5cf26c2c6986 |
| MIME type: | application/x-java-applet |
| File name: | RsrcURLStreamHandlerFactory.class |
|---|---|
| File size: | 3'791 bytes |
| SHA256 hash: | 4044423d3b662556ebb028b85094841d83d93b53aaf0a4977db2c74e9065fc33 |
| MD5 hash: | 62ce7c111abe5c8e4a98b06b5d9cc566 |
| MIME type: | application/x-java-applet |
| File name: | WinRegistry.class |
|---|---|
| File size: | 21'629 bytes |
| SHA256 hash: | fc54f5a5c15d5909e0a125783a6d700605e4890ee367f5a23e38645a37845eb5 |
| MD5 hash: | 854183e644c45efca8475c874f411f8e |
| MIME type: | application/x-java-applet |
| File name: | client1$2.class |
|---|---|
| File size: | 3'178 bytes |
| SHA256 hash: | 68fa59d867e52e75bef3debcfabed73f00d209398b56c22abd978b53205ebc94 |
| MD5 hash: | b626e34a3616cd3d17bb6a42f9f3b05c |
| MIME type: | application/x-java-applet |
| File name: | Initiater.class |
|---|---|
| File size: | 2'539 bytes |
| SHA256 hash: | 5a2f7178402d4b4b5f2d6ca7d8f62a0c99c93a2622802f18e10f32f2abf85600 |
| MD5 hash: | 1f9d8b419b34b72b6efdf8eeab9ad8f5 |
| MIME type: | application/x-java-applet |
| File name: | Natalie.Salins-w2.jpg |
|---|---|
| File size: | 8'460 bytes |
| SHA256 hash: | dd7975fc0fb6652c72b71fca59ecb8ee4898b4a8cafd4ac354097868fe9bc0f6 |
| MD5 hash: | 68e325addb3767d3fb76f4e820183b0e |
| MIME type: | image/png |
| File name: | MessageBox$1.class |
|---|---|
| File size: | 1'181 bytes |
| SHA256 hash: | 18c68a3b145396c297f4d782754c35e4844240404c8537104f202ed20dc5fb76 |
| MD5 hash: | de3a6afecc3b0397c7788caf05c5f300 |
| MIME type: | application/x-java-applet |
| File name: | Responder.class |
|---|---|
| File size: | 917 bytes |
| SHA256 hash: | cedca322fb15ea04d4d95b0ac0f7ff36a4b01aa05e0f35a07ae23d9511a14c48 |
| MD5 hash: | c69dd407c8ac3394592fdc0dbab3dfd5 |
| MIME type: | application/x-java-applet |
| File name: | client1$6.class |
|---|---|
| File size: | 2'742 bytes |
| SHA256 hash: | f0d44d9b918077f924f4048d4e024793fccf43ee0ad7dc78ac932046a1e73f5e |
| MD5 hash: | a61493d88a5cad8366b6452934668da5 |
| MIME type: | application/x-java-applet |
| File name: | client1$4.class |
|---|---|
| File size: | 9'550 bytes |
| SHA256 hash: | bbcd1e3c64bd42e5987c1b98c56d8d52dbc75dec02f4b3074c220ba4ec0f56a4 |
| MD5 hash: | b3767f8f7d656c9a335ca6733522082e |
| MIME type: | application/x-java-applet |
| File name: | Main_Ransomware_Stub.class |
|---|---|
| File size: | 31'519 bytes |
| SHA256 hash: | acffbb42281a5231b740fd195f277ec5650d25bbbe7946ef7d98b3c339046f43 |
| MD5 hash: | 6bd2c5ca3e3fb0a4d674b9ba57b8f7cf |
| MIME type: | application/x-java-applet |
| File name: | JIJConstants.class |
|---|---|
| File size: | 5'722 bytes |
| SHA256 hash: | e27ec7910af60bf2ff5f41182d28947c056a039186e2c49c89b2d40895efdd29 |
| MD5 hash: | 1ef2a5bd8f04d88d23c207aab1f1683e |
| MIME type: | application/x-java-applet |
| File name: | client1$5.class |
|---|---|
| File size: | 10'241 bytes |
| SHA256 hash: | 1825620e4d2ea32e1c44c6f7ab926578b938904cd053e8e18699b804f1071af6 |
| MD5 hash: | 2fa85f7a9ea7f01e3c57bca8c79733f4 |
| MIME type: | application/x-java-applet |
| File name: | client1$3.class |
|---|---|
| File size: | 10'782 bytes |
| SHA256 hash: | 7d631dc240364dd5ddd9e3a08b1a3d790a7a61c83f740eabec2af18cffeaddfb |
| MD5 hash: | 6f854db7af13b296056cafb80d482ac5 |
| MIME type: | application/x-java-applet |
| File name: | config.properties |
|---|---|
| File size: | 82 bytes |
| SHA256 hash: | d5513a6a3088e435a10d2daf372c2db9769bde3685f409c9b41df213828c448b |
| MD5 hash: | 9d75703cb959edfe4a3104d80516837e |
| MIME type: | text/plain |
| File name: | Connector.class |
|---|---|
| File size: | 10'999 bytes |
| SHA256 hash: | 407b68c0da12c4ef1e74df1a661d9f21f95768ff1ae692c0c53622f9a2889db3 |
| MD5 hash: | 7c0cde76d67205a633eb080ea3ccf01d |
| MIME type: | application/x-java-applet |
| File name: | EventsListener.class |
|---|---|
| File size: | 292 bytes |
| SHA256 hash: | 1633f42cfe30dfdc08d1324d842b5e9c0cc7f302b5112f6dea31657cdde92ea7 |
| MD5 hash: | 538260c085a613ac20704f9798904a06 |
| MIME type: | application/x-java-applet |
| File name: | RsrcURLConnection.class |
|---|---|
| File size: | 6'201 bytes |
| SHA256 hash: | ca59527784c468f45280d9b88164b80233565c674dd1def35435b4c7e8ea3856 |
| MD5 hash: | f7e3a041d4a247b23cba226f073861b4 |
| MIME type: | application/x-java-applet |
| File name: | client1.class |
|---|---|
| File size: | 213'479 bytes |
| SHA256 hash: | 349c18de7ed1a6854bcf752d7e59ce0f16fe09d613a52b1bc4c8650620445506 |
| MD5 hash: | 12d5814325d9f773f630c199698f3322 |
| MIME type: | application/x-java-applet |
| File name: | client1$1.class |
|---|---|
| File size: | 3'466 bytes |
| SHA256 hash: | a108f1e60ff2dcfaeba96dab5a61d7aee9b2a9e7ecf5cc3cdf256d5cfcdf8b82 |
| MD5 hash: | 8344c3ac427043d9e4609e290a3fdb1b |
| MIME type: | application/x-java-applet |
| File name: | JarRsrcLoader.class |
|---|---|
| File size: | 12'028 bytes |
| SHA256 hash: | 299a267d4a2349b940803e65dc917d48e7f1ab9e58cc2f68592b928868af425b |
| MD5 hash: | eefc6cbcd950f0677f8d55ee3d6c4288 |
| MIME type: | application/x-java-applet |
| File name: | JarRsrcLoader$ManifestInfo.class |
|---|---|
| File size: | 884 bytes |
| SHA256 hash: | 8cdcabf88c87028a9c61277c9973d457a883cd04985a61ce563fd66b454551ed |
| MD5 hash: | a1b3106c1ab5349bcc0aa5572af967fb |
| MIME type: | application/x-java-applet |
| File name: | Main_Ransomware_Stub$1.class |
|---|---|
| File size: | 5'845 bytes |
| SHA256 hash: | d74aeafef4293753961a594995710ffa507c8f20852225f08b922f1edcfb2b2a |
| MD5 hash: | 8e975d55c336f4b4a6249b264fcc0dbe |
| MIME type: | application/x-java-applet |
Vendor Threat Intelligence
Result
Verdict:
Unknown
File Type:
ZIP File
Verdict:
No Threat
Threat level:
10/10
Confidence:
100%
Verdict:
Malicious
Labelled as:
Mal/DrodZp
Result
Verdict:
MALICIOUS
Link:
Threat name:
ByteCode-JAVA.Trojan.Generic
Status:
Suspicious
First seen:
2023-03-13 16:29:04 UTC
File Type:
Binary (Archive)
Extracted files:
29
AV detection:
6 of 24 (25.00%)
Threat level:
5/5
Detection(s):
Suspicious file
Result
Malware family:
n/a
Score:
6/10
Tags:
persistence
Behaviour
Adds Run key to start application
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Web download
zip 72f7fac5b77136b21f02e924462e48d9d8554eb4bf75f23f1d435ad0917077bf
(this sample)
Delivery method
Distributed via web download