MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 820d6f27da1cbdb1b7fb50d3ded03fc200813c22ec4ec3e7436cdbbff5bc72c1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Neurevt


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments

SHA256 hash: 820d6f27da1cbdb1b7fb50d3ded03fc200813c22ec4ec3e7436cdbbff5bc72c1
SHA3-384 hash: 4a5ab56d77d03ae1ce658d6681382a87ff4ee81867e86c57f05fbdd3fa2bb1732cf5ea43290f1eacb57faf1e5e7cc3d9
SHA1 hash: 782a04023dbfa7809cf5c7cae0a78a219e4cf4b9
MD5 hash: 8746ced7ce43d38a6f08d0f191d0d23a
humanhash: august-eighteen-bluebird-pluto
File name:Sample of order.gz
Download: download sample
Signature Neurevt
File size:426'671 bytes
First seen:2020-10-09 06:27:39 UTC
Last seen:Never
File type: gz
MIME type:application/gzip
ssdeep 12288:y5ZJFVWDy0PdP5ov4AYtOSBzskgKxzWgT7k:y/omYhomMSBzTW6Y
TLSH F99423F267712F32F0F363D39069A90AFE84E745FEB16D2B2C4B72D85848942519E172
Reporter abuse_ch
Tags:gz Neurevt


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: ns20.hyyat4host.com
Sending IP: 138.201.62.222
From: Rewijian Gayuh W <tamer_diab@alrosan.com.sa>
Subject: Inquiry for product
Attachment: Sample of order.gz (contains "Sample of order.exe")

Intelligence


File Origin
# of uploads :
1
# of downloads :
85
Origin country :
n/a
Vendor Threat Intelligence
Threat name:
ByteCode-MSIL.Trojan.Generic
Status:
Suspicious
First seen:
2020-10-09 05:03:10 UTC
AV detection:
28 of 48 (58.33%)
Threat level:
  5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Neurevt

gz 820d6f27da1cbdb1b7fb50d3ded03fc200813c22ec4ec3e7436cdbbff5bc72c1

(this sample)

  
Delivery method
Distributed via e-mail attachment

Comments