MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 86df93f906086a656f1b5e26bfa134996206769968dca47442b1141e5e112816. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 2



SHA256 hash: 86df93f906086a656f1b5e26bfa134996206769968dca47442b1141e5e112816
SHA3-384 hash: 94c1a486b3e230afa473a9bd6963f8d8ec2c15678e6ce5464e9eac2958c8f2fd0c1a6f95bd49308dc5d70167b0413c33
SHA1 hash: adb398a833f81b5e7d5d4c804742f8bc18d2696f
MD5 hash: 235e9af4c6f5b5de7d30d0589bbcff14
humanhash: delta-salami-violet-mexico
File name: sample
File size: 146'435 bytes
First seen: 2020-04-16 08:58:26 UTC
Last seen: 2025-02-09 14:21:35 UTC
File type: dll
MIME type:application/x-dosexec
imphash: ade35a5d00895817c1a7d3a76193610c
ssdeep: 3072:2d4kDjFKZzBkI4rQWBzx7/Vj7TQ8227QmY8Ou2Y9LCnkEm6:o4kfoQBzx7tjXQ8rY5uekEm6
Threatray: 31 similar samples on MalwareBazaar
TLSH: 63E302D6F4A99272C81B7B3D7F71FA4CF37C02108970C605AA8C1E5469432E6A42B5F2
Reporter: JoulK

Intelligence


File Origin
# of uploads: 3
# of downloads: 86
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Swisyn
Status: Malicious
First seen: 2018-11-25 08:03:58 UTC
File Type: PE (Dll)
Extracted files: 2
AV detection: 27 of 30 (90.00%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

BLint


The following table provides more information about this file using BLint. BLint is a Binary Linter that checks the security properties and capabilities of executables.

Findings

ID | Title | Severity
CHECK_AUTHENTICODE | Missing Authenticode | high
CHECK_DLL_CHARACTERISTICS | Missing dll Security Characteristics (HIGH_ENTROPY_VA) | high

Reviews

ID | Capabilities | Evidence
URL_MONIKERS_API | Can Download & Execute components | urlmon.dll::URLDownloadToFileA
WIN_BASE_API | Uses Win Base API | KERNEL32.dll::LoadLibraryA
