MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8cf318151897b3c240807d584ce49fcf75e9d62312a30ceb0c189730f1d787ce. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Adware.Softcnapp


Vendor detections: 12



SHA256 hash: 8cf318151897b3c240807d584ce49fcf75e9d62312a30ceb0c189730f1d787ce
SHA3-384 hash: cfb111940cd0eeee9f35bbc74eae5cedee2efa453a4e97f2118efa36f4fb59bd91145a654fe68997585cb1fbb06cfcfd
SHA1 hash: 5a66bd97e433d722a775e13c4e0b7a2759df4603
MD5 hash: 9d5837e47adef4d5abc748b7f73a6785
humanhash: mirror-butter-enemy-tennis
File name: SecuriteInfo.com.Adware.Softcnapp.113.15627.10884
Signature Adware.Softcnapp
File size: 2'188'048 bytes
First seen: 2022-04-14 10:33:53 UTC
Last seen: 2022-04-20 10:21:38 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash 230c7a135fe1b931100367aa5e17de95 (1 x Adware.Softcnapp)
ssdeep 24576:Dv+VnCubQ7eJCmmcXEuf7EDmrZ0vpiUbqJdYgFJiWf2tH/g5pxOoOdrlQTzJ9Cpi:KdWCEUCfKmPlQT19d4RZc3Jtyx9mebe
TLSH T1BFA59D3479428133E6B20274E9E9AB27E829BD7527104CC7E3C53A1F45715C26A7AF2F
TrID 88.3% (.CPL) Windows Control Panel Item (generic) (197083/11/60)
4.7% (.EXE) Win64 Executable (generic) (10523/12/4)
2.2% (.EXE) Win16 NE executable (generic) (5038/12/1)
2.0% (.EXE) Win32 Executable (generic) (4505/5/1)
0.9% (.EXE) OS/2 Executable (generic) (2029/13)
dhash icon 9aacccccca80e0b8 (1 x Adware.Softcnapp)
Reporter SecuriteInfoCom
Tags: Adware.Softcnapp exe signed

Code Signing Certificate

Organisation: 浙江自贸区耀光网络科技有限公司
Issuer: DigiCert Assured ID Code Signing CA-1
Algorithm: sha1WithRSAEncryption
Valid from: 2019-06-24T00:00:00Z
Valid to: 2020-07-01T12:00:00Z
Serial number: 0b61992610a9fe059d458ba79f907c38
Thumbprint Algorithm: SHA256
Thumbprint: 9175811c22c76f70de6f2c2706acec554914749447ae2bb83016edfa0c83ef3a
Source: This information was brought to you by ReversingLabs A1000 Malware Analysis Platform

Intelligence


File Origin
# of uploads :
2
# of downloads :
322
Origin country :
n/a
Vendor Threat Intelligence
Malware family:
n/a
ID:
1
File name:
SecuriteInfo.com.Adware.Softcnapp.113.15627.10884
Verdict:
Malicious activity
Analysis date:
2022-04-14 10:56:53 UTC
Tags:
n/a

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Result
Verdict:
Malware

Behaviour
Creating synchronization primitives
Creating a file
DNS request
Connecting to a non-recommended domain
Sending an HTTP GET request
Result
Malware family:
n/a
Score:
  6/10
Tags:
n/a
Behaviour
MalwareBazaar
MeasuringTime
EvasionQueryPerformanceCounter
CheckCmdLine
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
anti-debug explorer.exe fingerprint greyware hacktool overlay packed
Result
Verdict:
MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Result
Threat name:
Unknown
Detection:
malicious
Classification:
n/a
Score:
64 / 100
Signature
Antivirus / Scanner detection for submitted sample
Contains functionality to infect the boot sector
Machine Learning detection for sample
Multi AV Scanner detection for submitted file
Threat name:
Win32.Adware.Burden
Status:
Malicious
First seen:
2019-10-03 13:27:29 UTC
File Type:
PE (Exe)
Extracted files:
197
AV detection:
19 of 42 (45.24%)
Threat level:
  1/5
Verdict:
malicious
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Behaviour
Modifies Internet Explorer settings
Suspicious behavior: EnumeratesProcesses
Unpacked files
SHA256 hash:
8cf318151897b3c240807d584ce49fcf75e9d62312a30ceb0c189730f1d787ce
MD5 hash:
9d5837e47adef4d5abc748b7f73a6785
SHA1 hash:
5a66bd97e433d722a775e13c4e0b7a2759df4603
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
