MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 79896ab9ec1fad79d24bf3d9cea0565d06f2b0f8119af8d1d7da98f167cd399a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
XWorm
Vendor detections: 6
| SHA256 hash: | 79896ab9ec1fad79d24bf3d9cea0565d06f2b0f8119af8d1d7da98f167cd399a |
|---|---|
| SHA3-384 hash: | b45549837745b9b71e82c261e1d8383eaca9ab5755fb9b62f0d04b7081fd34d89380bdb69bf54de09d25bd38eb83d3b9 |
| SHA1 hash: | e524f4dbe5dc88a30fac0b4b10f620492e56c8bb |
| MD5 hash: | 4b361e8c05f68aff9c1a5371ea9c52ab |
| humanhash: | alpha-summer-california-july |
| File name: | screenshots.img |
| Download: | download sample |
| Signature | XWorm |
| File size: | 1'245'184 bytes |
| First seen: | 2024-02-08 15:53:45 UTC |
| Last seen: | Never |
| File type: | img |
| MIME type: | application/x-iso9660-image |
| ssdeep | 96:5dLQzhTUkktZ0K7iuXLE2kR1sosoBTf8f:PLsk00E2kRaBOU |
| TLSH | T1C445258277F41606F6B36B3549B461254ABEBC266A79C64D369C020E0FF3B41CD70BA7 |
| TrID | 47.8% (.ISO/UDF) UDF disc image (2114500/1/6) 46.3% (.NULL) null bytes (2048000/1) 5.7% (.HTP) HomeLab/BraiLab Tape image (256000/1) 0.0% (.ISO) ISO 9660 CD image (2545/36/1) 0.0% (.BIN/MACBIN) MacBinary 1 (1033/5) |
| Reporter | |
| Tags: | img xworm |
Intelligence
File Origin
# of uploads :
1
# of downloads :
107
Origin country :
USFile Archive Information
This file archive contains 1 file(s), sorted by their relevance:
| File name: | SCREENSH.VBS |
|---|---|
| File size: | 2'848 bytes |
| SHA256 hash: | 5d396ac219738c90a4d80fd423f91470994f2c13a49f7d20f0720e62a5734a0c |
| MD5 hash: | eefbf3700312a44c673c7724667f3566 |
| MIME type: | text/plain |
| Signature | XWorm |
Vendor Threat Intelligence
Detection(s):
Verdict:
Malicious
Threat level:
10/10
Confidence:
100%
Result
Verdict:
MALICIOUS
Threat name:
Script-WScript.Trojan.Heuristic
Status:
Malicious
First seen:
2024-02-07 16:01:41 UTC
File Type:
Binary (Archive)
Extracted files:
1
AV detection:
8 of 24 (33.33%)
Threat level:
2/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
XWorm
img 79896ab9ec1fad79d24bf3d9cea0565d06f2b0f8119af8d1d7da98f167cd399a
(this sample)
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.H-worm