MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 7ffe1cad900f0260d3e0fb2ea7fea42360e086663b9bc80df8a51f2b4ac9498a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AveMariaRAT
Vendor detections: 5
| SHA256 hash: | 7ffe1cad900f0260d3e0fb2ea7fea42360e086663b9bc80df8a51f2b4ac9498a |
|---|---|
| SHA3-384 hash: | 09c40cf52fa6f36e19acaccb1ea979d70f9943f8547d6bd45e7506eea7e5c2d28cd9766866c4ea5b6b8d209c00178c71 |
| SHA1 hash: | b3bac9417687ec373ab2449f43acd73ee4ffa0ed |
| MD5 hash: | 9a0a63d7332474736192705b3ca7f886 |
| humanhash: | sodium-east-angel-cold |
| File name: | 0110199383737338466578282847.cab |
| Download: | download sample |
| Signature | AveMariaRAT |
| File size: | 154'555 bytes |
| First seen: | 2021-02-10 07:08:33 UTC |
| Last seen: | Never |
| File type: | cab |
| MIME type: | application/vnd.ms-cab-compressed |
| ssdeep | 3072:iKQ4ffBBnI09OwzgcHbDL+hBEvTqcN5ENVFzb:K4nDILwzg0DgBEv+aiV1 |
| TLSH | 25E3131CA3B4E839A1553FAD3996DC4694ECD6B9DAFD13B6244BF5D400ABF040A1071F |
| Reporter | |
| Tags: | AveMariaRAT cab RAT |
abuse_ch
Malspam distributing AveMariaRAT:HELO: mail.itsaas.pl
Sending IP: 83.143.133.35
From: Lesun Auto Parts Pte Ltd <import@lesunauto.com.sg>
Subject: Enquiry_ Parts GL63, GL450 & GL550-Lesun Auto Parts Pte Ltd
Attachment: 0110199383737338466578282847.cab (contains "0110199383737338466578282847.scr")
AveMariaRAT C2:
xchilogs.duckdns.org:23489 (51.161.61.88)
Intelligence
File Origin
# of uploads :
1
# of downloads :
94
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Result
Verdict:
MALICIOUS
Threat name:
Win32.Trojan.Wacatac
Status:
Malicious
First seen:
2021-02-10 07:09:06 UTC
AV detection:
9 of 48 (18.75%)
Threat level:
5/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
Dropping
AveMariaRAT
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.