MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 791d151eb30a727b0f0307654f99ea9cc4e33d07d123721f26d81e1538d92106. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Pikabot


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 791d151eb30a727b0f0307654f99ea9cc4e33d07d123721f26d81e1538d92106
SHA3-384 hash: caab215d1f1f1a6eec52515366593ed2bc626bba63efa8655079924ef93888ffb144d881759ececbbf073f55ed3bc691
SHA1 hash: f2f7e3745684bb25a7a04c07c67c5606be57edda
MD5 hash: 47f076834ce56db87a6bf3ef4ea057c3
humanhash: three-solar-mango-diet
File name:AUTn.zip
Download: download sample
Signature Pikabot
Create hunting rule
File size:120'273 bytes
First seen:2023-11-10 11:29:41 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 3072:VnPx5PElDZvRbqDZzTu6V3IN26JN9uUpM6bFhT0Yg6Qcf:V5BEzvR+tzi6hY2C9uUpM6bjT0dE
TLSH T1F6C31244EACA69A05B7E2B7DDC51A1EDA137401B931A75E40C3B2AEEBD00E8489D50F6
TrID 80.0% (.ZIP) ZIP compressed archive (4000/1)
20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter bstnbuck
Tags:Pikabot PW-AGTA zip

Intelligence

File Origin
# of uploads :
1
# of downloads :
106
Origin country :
DE DE
File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:AUTn.js
File size:0 bytes
SHA256 hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
MD5 hash: d41d8cd98f00b204e9800998ecf8427e
MIME type:inode/x-empty
Signature Pikabot
Vendor Threat Intelligence
Gathering data
Verdict:
Suspicious
Labled as:
Malware
Link:
https://www.hybrid-analysis.com/sample/791d151eb30a727b0f0307654f99ea9cc4e33d07d123721f26d81e1538d92106
Result
Verdict:
MALICIOUS
Link:
https://labs.inquest.net/dfi/sha256/791d151eb30a727b0f0307654f99ea9cc4e33d07d123721f26d81e1538d92106
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/791d151eb30a727b0f0307654f99ea9cc4e33d07d123721f26d81e1538d92106/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=peorkhvtbjzhwdyda5su7gpkttcogpih2erxehzg3apbkogzeeda._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/231110-pqlqksgg48/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Pikabot

zip 791d151eb30a727b0f0307654f99ea9cc4e33d07d123721f26d81e1538d92106

(this sample)

Pikabot

Java Script (JS) js 92f83e84c416aa06317a952d94fb306263176d6670da3d69d94adff3ce3c4ad8

  
Dropping
Pikabot
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 92f83e84c416aa06317a952d94fb306263176d6670da3d69d94adff3ce3c4ad8
  
Dropping
MD5 1a74a9f4da8629a003063eec750593f3

Comments