MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 782f93e5d91d7000ce8353a947cdfee9f11b98312861aee7c7eca8dec4b526ac. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


KeyBase


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 782f93e5d91d7000ce8353a947cdfee9f11b98312861aee7c7eca8dec4b526ac
SHA3-384 hash: 2951a20708c5045c5d71b76182198586a0e63d8ada55fc768f3b1a75d0fe0898e747ff292cd125216e3958ffef42f788
SHA1 hash: 1785b6d4ffd0b5c01e6ac8d3736c5abec52c8421
MD5 hash: 04c9a0ee5f547b0f84ba15ec2a0b6216
humanhash: muppet-colorado-fifteen-oranges
File name:docugatay.7z
Download: download sample
Signature KeyBase
Create hunting rule
File size:672'093 bytes
First seen:2020-08-04 09:30:07 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 12288:sIGWcgpGJbgYsFiOQNStvqj0ETh7/Bh3UYpq/yJvSYThCNtoWj+IW:VDp2ZsFiOZtyjt7ZF7QoqYkNKmO
TLSH 63E4235E0F7CC94A19D7EE783C14B236FAD029C5B4CA693237EAED88C5031F946D185A
Reporter abuse_ch
Tags:7z KeyBase


Avatar
abuse_ch
Malspam distributing KeyBase:

HELO: mail.pharmasquare.gr
Sending IP: 5.172.196.35
From: info <info@gateline.gr>
Subject: 05129-DIG19001_ docs URGENT
Attachment: docugatay.7z (contains "docugatary.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
77
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/782f93e5d91d7000ce8353a947cdfee9f11b98312861aee7c7eca8dec4b526ac/
Threat name:
ByteCode-MSIL.Infostealer.Fareit
Create hunting rule
Status:
Malicious
First seen:
2020-08-04 09:32:06 UTC
AV detection:
20 of 48 (41.67%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=paxzhzozdvyabtudkouuptp65hyrxgbrfbq25z6h5sun5rfve2wa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/782f93e5d91d7000ce8353a947cdfee9f11b98312861aee7c7eca8dec4b526ac

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

KeyBase

zip 782f93e5d91d7000ce8353a947cdfee9f11b98312861aee7c7eca8dec4b526ac

(this sample)

KeyBase

Executable exe d6e1c4c9090d58d498162d834efa18bc54e0a25809ba10821fe21f689946f0e5

  
Dropping
MD5 0f9f8a4e9ae47093d35616a97003639f
  
Dropping
KeyBase
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 d6e1c4c9090d58d498162d834efa18bc54e0a25809ba10821fe21f689946f0e5

Comments