MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 774d0427cd607b1c09131cc277a68c9edd7cf01499d356bcb1ef4a08e6fc322a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: 774d0427cd607b1c09131cc277a68c9edd7cf01499d356bcb1ef4a08e6fc322a
SHA3-384 hash: 27ade1226dde81db17c03dbff84b0c20fe0a67440834b0848dd0af54279894e2366da887e5f501564cd82ae5a30656e9
SHA1 hash: e494d8ed317c0d26a99dcaf5d49ab33ae26b9b7c
MD5 hash: 1c4e4403e408c153c4f7dfd7813ed11a
humanhash: stairway-april-uncle-california
File name: SecuriteInfo.com.VB.Trojan.Agent.DQBD.25048.27405
Download: download sample
File size: 183'808 bytes
First seen: 2020-05-26 00:58:31 UTC
Last seen: Never
File type: Word file docx
MIME type: application/msword
ssdeep: 3072:VPmCrEVttqFOzBa9y9v5n9U/uXpnZW/cdQ15:VvQXgQ9vA/Q0MW
TLSH: D604C62AB1F27C1BCE98223444AFCFFE24D1AC567592C176B205763A3DB715286E3721
Reporter: SecuriteInfoCom

Intelligence


File Origin
# of uploads: 1
# of downloads: 66
Origin country: n/a
Vendor Threat Intelligence
Result
Threat name: Unknown
Detection: malicious
Classification: evad
Score: 64 / 100
Behaviour
Behavior Graph: n/a
Gathering data
Threat name: Document-Word.Downloader.Obfuse
Status: Malicious
First seen: 2020-04-03 20:01:29 UTC
File Type: Document
Extracted files: 23
AV detection: 28 of 48 (58.33%)
Threat level: 2/5
Result
Malware family: n/a
Score: 8/10
Tags: n/a
Behaviour
Modifies Internet Explorer settings
Suspicious behavior: AddClipboardFormatListener
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Checks processor information in registry
Enumerates system info in registry
Office loads VBA resources, possible macro or embedded object present
Drops file in Windows directory
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Word file docx 774d0427cd607b1c09131cc277a68c9edd7cf01499d356bcb1ef4a08e6fc322a (this sample)

Delivery method: Distributed via web download
