MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8cf1bcc2316a49a5f5566634e82ebb914bd9eb1a788464b2830c4f4072618de0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Jadtre


Vendor detections: 5



SHA256 hash: 8cf1bcc2316a49a5f5566634e82ebb914bd9eb1a788464b2830c4f4072618de0
SHA3-384 hash: 55a1f3413d9908399f8195893293fb0f38d5d1959fad0b1596a4f3c24c1a613ac3c4e954aaa638eb93e9d6c9160eef99
SHA1 hash: e91f778633f3a44dbeaf2801be440ec34f202b9f
MD5 hash: c79ef734367bc6afe49da65699eeeda3
humanhash: purple-butter-floor-zebra
File name: b125ebda6f0cc8bef63a78143cd3d867
Signature Jadtre
File size: 27'136 bytes
First seen: 2020-11-17 14:26:32 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash 87bed5a7cba00c7e1f4015f1bdae2183 (3'034 x Jadtre, 23 x IcedID, 17 x Blackmoon)
ssdeep 768:id5u7mNGtyVfvPFQGPL4vzZq2oZ7G2xsdIp:id5z/fvKGCq2w7s
Threatray 1'332 similar samples on MalwareBazaar
TLSH EEC2D072CE8080FFC0CB3072208522DB9B575A7255AA6867A750881E7DBC9E0D97A753
Reporter seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 61
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware

Behaviour
Creating a file in the %temp% directory
Sending a UDP request
Creating a process from a recently created file
Creating a window
Changing an executable file
DNS request
Connection attempt
Sending an HTTP POST request
Modifying an executable file
Creating a file
Running batch commands
Creating a process with a hidden window
Connection attempt to an infection source
Infecting executable files
Threat name: Win32.Virus.Jadtre
Status: Malicious
First seen: 2020-11-17 14:28:14 UTC
AV detection: 27 of 29 (93.10%)
Threat level: 5/5
Unpacked files
SHA256 hash:
8cf1bcc2316a49a5f5566634e82ebb914bd9eb1a788464b2830c4f4072618de0
MD5 hash:
c79ef734367bc6afe49da65699eeeda3
SHA1 hash:
e91f778633f3a44dbeaf2801be440ec34f202b9f
SHA256 hash:
7f51f10e9f5a3600ffac3652f9d685598b98f45c6d492ee52b4501328c61bba7
MD5 hash:
2d24b5c102959ad5f9fc3a6fc2ad6179
SHA1 hash:
bddfa5f6c7621d24a54fa4a8ad3964cbca2dd844
Detections:
win_unidentified_045_g0 win_unidentified_045_auto
SHA256 hash:
addeb27102a2bb5d4797b407f130862e86f6e798ddf83ba4409aaf32e11bf4e8
MD5 hash:
c490199e46a88e02de8aaed99ea88fa1
SHA1 hash:
5c5bbe71baaebef7d7f577b135e3a78adc5f1d70
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other
