MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 80235c15a8eb599ae86b03dffcc7b84d5670ee01619a49310ac172e58139d1f9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 80235c15a8eb599ae86b03dffcc7b84d5670ee01619a49310ac172e58139d1f9
SHA3-384 hash: 8fefa0c5b07d28bb58f02113e9866e0e79c42eaf8c087db37726ca13eb36ea3d80b0b15b2d174cbc040ee811a3e921c2
SHA1 hash: 052c35029a35d2b8fc9a4ef3aa889af88c25bdc8
MD5 hash: 811e4d80580d2e12c87ba88a49e908ec
humanhash: jig-monkey-florida-social
File name:mrjohnn.txt
Download: download sample
File size:286'040 bytes
First seen:2022-11-10 07:43:12 UTC
Last seen:2022-11-10 07:43:18 UTC
File type:unknown
MIME type:text/plain
ssdeep 3072:n+8hGxaLGa4+0z1uwCJ86PUz5/wOfCJqQ9JI9CbDto77lON6WPxejOT08rTtRjC4:lGaLGaUcwCGdxwOfChtUeEjOzjO0h1
TLSH T1F0543C3223437C4A77BB1F88F8043DA10CEB39D763E28439BAC48B5991AB564DD19D79
Reporter JAMESWT_WT
Tags:scarenx-gq

Intelligence

File Origin
# of uploads :
2
# of downloads :
83
Origin country :
IT IT
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Generic-EXE.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.PUA.Base64EXE-2.UNOFFICIAL
Create hunting rule

Verdict:
No Threat
Threat level:
  2/10
Confidence:
100%
Tags:
hacktool obfuscated
Link:
https://www.filescan.io/uploads/636cabc420a0b4943a8eb458/reports/2521bff5-b6a9-460c-af48-53e4a135c3a6/overview
Result
Verdict:
MALICIOUS
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/80235c15a8eb599ae86b03dffcc7b84d5670ee01619a49310ac172e58139d1f9/
Threat name:
ByteCode-MSIL.Infostealer.DarkStealer
Create hunting rule
Status:
Malicious
First seen:
2022-11-08 11:46:43 UTC
File Type:
Text (PowerShell)
AV detection:
14 of 40 (35.00%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=qarvyfni5nmzv2dlapp7zr5yjvlhb3qbmgnesmikyfzolajz2h4q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/80235c15a8eb599ae86b03dffcc7b84d5670ee01619a49310ac172e58139d1f9

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

unknown 80235c15a8eb599ae86b03dffcc7b84d5670ee01619a49310ac172e58139d1f9

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/2406586/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/2406906/

Comments