MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9020f5502fb3d72da1073e125552ea8eb335f3b74a12f0c0b575c0490ee92dcc. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 2

Intelligence 2 IOCs YARA File information Comments

SHA256 hash:	9020f5502fb3d72da1073e125552ea8eb335f3b74a12f0c0b575c0490ee92dcc
SHA3-384 hash:	94829a26d1220dd19fd51317a1cdaddf9e4d60a136010ca26bb014aec4839ee0dde8f0d57ded7a8f3d9e6a09dd288734
SHA1 hash:	0381ec5d229e34985889baeeb6690098f71a7c1b
MD5 hash:	ce76c023ea3ad6d53edb3125269dab50
humanhash:	kitten-utah-oxygen-freddie
File name:	RSVP_INVITATION_2025 (1).msi
Download:	download sample
File size:	22'282'240 bytes
First seen:	2026-03-31 12:37:09 UTC
Last seen:	Never
File type:	msi
MIME type:	application/octet-stream
ssdeep	3::
TLSH	TNULL
TrID	88.8% (.NULL) null bytes (2048000/1) 11.1% (.HTP) HomeLab/BraiLab Tape image (256000/1) 0.0% (.BIN/MACBIN) MacBinary 1 (1033/5) 0.0% (.SMT) Memo File Apollo Database Engine (88/84) 0.0% (.VXD) VXD Driver (29/21)
Magika	iso
Reporter	Anonymous
Tags:	msi

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Gathering data

Verdict:

Clean

Score:

99.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69cbc6cc3a18a6e1ddf00626

Tags:

n/a

Verdict:

Unknown

Threat level:

2.5/10

Confidence:

100%

Link:

https://www.filescan.io/uploads/69cbc6c7972c219c8d736854/reports/6b8623f1-b5df-4791-b6b4-438b5d8d69e3/overview

Verdict:

Unknown

Link:

https://www.hybrid-analysis.com/sample/9020f5502fb3d72da1073e125552ea8eb335f3b74a12f0c0b575c0490ee92dcc

Verdict:

Clean

File Type:

unknown

First seen:

2024-09-26T20:56:00Z UTC

Last seen:

2026-03-31T10:24:00Z UTC

Hits:

~10

Link:

https://opentip.kaspersky.com/9020f5502fb3d72da1073e125552ea8eb335f3b74a12f0c0b575c0490ee92dcc/results?tab=lookup

Gathering data

Verdict:

Clean

Link:

https://tip.neiki.dev/file/9020f5502fb3d72da1073e125552ea8eb335f3b74a12f0c0b575c0490ee92dcc

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=saqpkubpwpls3iihhyjfkuxkr2ztl45xjijpbqfvoxaesdxjfxga._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/260331-qb7j6sax2l/

Behaviour

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/9020f5502fb3d72da1073e125552ea8eb335f3b74a12f0c0b575c0490ee92dcc

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape

https://www.capesandbox.com/analysis/59897/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample