MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 82c844922398a206fc1ff40aae0a9e0de6a992fc9903c62bdc2183d37a516533. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	82c844922398a206fc1ff40aae0a9e0de6a992fc9903c62bdc2183d37a516533
SHA3-384 hash:	b06c35a64b7e6a266e48a978a32bf823f1d917a33b1d5ce3c2967303655c0a5e777525e9a6a2a465cf1dd0180eab44f5
SHA1 hash:	bd501128d8d56efdd36d6d4a0a4c8559543a24c9
MD5 hash:	c9c4c73fb74dc85539d7cc51b2d2b9c6
humanhash:	march-colorado-green-spaghetti
File name:	v.dot
Download:	download sample
File size:	9'176 bytes
First seen:	2021-04-29 12:50:37 UTC
Last seen:	Never
File type:	unknown
MIME type:	application/octet-stream
ssdeep	192:8TanhBrxy/eeAx+wfGysEJJV4r20DQdISoAicm7HBWHWUhj3YdWA:8whvxNGd0P0DmAAicm7HBWH9d/A
TLSH	46125CC8ECE4BA97FE8795D4802FF699499AF0BC50C208C139CDF1717F9AB465A26084
Reporter	info_sec_ca
Tags:	CVE-2017-11882 dot

Intelligence

File Origin

# of uploads :

1

# of downloads :

49

Origin country :

n/a

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Spam-473.UNOFFICIAL

Sanesecurity.Malware.27333.RtfHeur.BadVer.UNOFFICIAL

SecuriteInfo.com.FakeRTF-1.UNOFFICIAL

Sanesecurity.Malware.26244.RtfHeur.UNOFFICIAL

MiscreantPunch.RTF.EvilRTF.CVE-2017-0199-Obfus.UNOFFICIAL

TwinWave.EvilDoc.RTFFakeVersionWithObjUpdateUKSurfMix.20200514.UNOFFICIAL

Result

Verdict:

MALICIOUS

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/82c844922398a206fc1ff40aae0a9e0de6a992fc9903c62bdc2183d37a516533/

Threat name:

Document-RTF.Exploit.CVE-2017-11882

Status:

Malicious

First seen:

2021-04-29 12:52:53 UTC

AV detection:

14 of 29 (48.28%)

Threat level:

5/5

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/82c844922398a206fc1ff40aae0a9e0de6a992fc9903c62bdc2183d37a516533

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

unknown 82c844922398a206fc1ff40aae0a9e0de6a992fc9903c62bdc2183d37a516533

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/1183692/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample