MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 758416f5eaeb77570a9529e928cf21a38e803664412a198452719a8b9e994d19. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Guildma


Vendor detections: 2



SHA256 hash: 758416f5eaeb77570a9529e928cf21a38e803664412a198452719a8b9e994d19
SHA3-384 hash: 22e50b0324e1466869393c6e8469578b8b5bbc7a93b631ab087211bd63b702e4e86da5525ba88c00c586d90d88a9643c
SHA1 hash: 16a95e645237cfcf43e1ac67608783513e7dbfe3
MD5 hash: 19461ec95d2ed8da4cc2c4d9550aa125
humanhash: diet-edward-oxygen-idaho
File name: 536749.742.67513.78924_208.69621.4895824ã.cmd
Signature: Guildma
File size: 344 bytes
First seen: 2022-01-14 06:58:56 UTC
Last seen: Never
File type: cmd
MIME type: text/plain
ssdeep: 6:SGIVEV75FJYFpInvLAvrf6Z9PfE3KJ+e3zy91GfwrGpOSVA4emUFv+n:wEV75FUIvLAvrSZRM2+Ey91GrgSYv+
TLSH: T191E026B42FAC2FD84625551714327758712255041C80FD4C72E2EE4445991D08EDA5D5
Reporter: @abuse_ch
Tags: Astaroth BRA geo guildma

Intelligence


File Origin
# of uploads: 1
# of downloads: 510
Origin country: CH
Mail intelligence
No data
Vendor Threat Intelligence
Verdict: unknown
Result
Malware family: n/a
Score: 8/10
Tags: n/a
Behaviour
Modifies Internet Explorer settings
Suspicious use of WriteProcessMemory
Blocklisted process makes network request

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Guildma

cmd 758416f5eaeb77570a9529e928cf21a38e803664412a198452719a8b9e994d19 (this sample)

Delivery method: Distributed via web download
