MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 83d171ffcf9f88d4e1408e34ef2829c849b90748e1b7b2da0679d6ee39cd958f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	83d171ffcf9f88d4e1408e34ef2829c849b90748e1b7b2da0679d6ee39cd958f
SHA3-384 hash:	9ab0ffbd370d9176200d1855411139fee4288860fc66db6675582910e54833645714dd3825660a6616a78c97eac355cf
SHA1 hash:	53ef35185fa07082cb278e7ef52645a21fbbe058
MD5 hash:	0e65c589e0c6edffb3b305e7595a271b
humanhash:	spaghetti-eleven-maine-oven
File name:	ddd.xlsb
Download:	download sample
File size:	13'247 bytes
First seen:	2023-05-29 07:20:14 UTC
Last seen:	Never
File type:	xlsx
MIME type:	application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
ssdeep	192:0TUa42Szpq9H5FEBPJ2Z3KmFOt+FnzKqiWlw0QSFMaxon0YSntQ:ZaHiBPJ2cEnz3lwduMaxon0i
TLSH	T1EE527D8DD36870A4C1BF6C3DC21B0CF1DA49705A9D85F70E24967A0D2ABE19327CE29D
TrID	77.7% (.ZIP) Open Packaging Conventions container (17500/1/4) 17.7% (.ZIP) ZIP compressed archive (4000/1) 4.4% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter	JAMESWT_WT
Tags:	xlsx

Intelligence

File Origin

# of uploads :

# of downloads :

277

Origin country :

Vendor Threat Intelligence

Malware family:

n/a

ID:

File name:

ddd.xlsb

Verdict:

No threats detected

Analysis date:

2023-05-29 07:22:34 UTC

Tags:

n/a

Link:

https://app.any.run/tasks/bd8712ea-16e5-4925-8cb1-ecd71277e6cb

Note:

ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/392906/

Detection(s):

SecuriteInfo.com.Exploit.CVE-2017-11882.3987.1565.UNOFFICIAL

Result

Verdict:

Clean

Maliciousness:

Behaviour

Searching for the window

Creating a window

Result

Verdict:

Clean

File Type:

OOXML Excel File as Tampered

Link:

https://app.docguard.net/83d171ffcf9f88d4e1408e34ef2829c849b90748e1b7b2da0679d6ee39cd958f/results/dashboard

Verdict:

No Threat

Threat level:

10/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/647452611684784512a336fa/reports/006b8327-b76f-48bf-bb8e-360d42573f86/overview

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/83d171ffcf9f88d4e1408e34ef2829c849b90748e1b7b2da0679d6ee39cd958f

Label:

Malicious

Suspicious Score:

6.2/10

Score Malicious:

63%

Score Benign:

37%

Link:

https://www.malware.ai/gui/files/?id=258958a2-f149-4cae-a5db-b5ca37d12a4c

Result

Verdict:

UNKNOWN

Link:

https://labs.inquest.net/dfi/sha256/83d171ffcf9f88d4e1408e34ef2829c849b90748e1b7b2da0679d6ee39cd958f

Result

Threat name:

n/a

Detection:

unknown

Classification:

n/a

Score:

0 / 100

Link:

https://www.joesandbox.com/analysis/1244278

Behaviour

Behavior Graph:

Download SVG

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/83d171ffcf9f88d4e1408e34ef2829c849b90748e1b7b2da0679d6ee39cd958f/

Threat name:

Document.Trojan.Heuristic

Status:

Malicious

First seen:

2023-05-28 11:27:03 UTC

File Type:

Document

Extracted files:

AV detection:

4 of 24 (16.67%)

Threat level:

2/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=qpixd76pt6enjykary2o6kbjzbe3sb2i4g33fwqgphlo4oonswhq._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/230529-h6nfsaaf9x/

Behaviour

Checks processor information in registry

Enumerates system info in registry

Modifies Internet Explorer settings

Modifies registry class

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SetWindowsHookEx

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/83d171ffcf9f88d4e1408e34ef2829c849b90748e1b7b2da0679d6ee39cd958f

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

xlsx 83d171ffcf9f88d4e1408e34ef2829c849b90748e1b7b2da0679d6ee39cd958f

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/2644253/

Delivery method

Distributed via web download

Cape

https://www.capesandbox.com/analysis/392906/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample