MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 93a5114ba8e127e9764c5306a3de171bd0e500e4aff5c0d5d13c55850955d031. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 93a5114ba8e127e9764c5306a3de171bd0e500e4aff5c0d5d13c55850955d031
SHA3-384 hash: ccef07251f4c09a8683a4d96a30eaba6e27e1fb746768a365b72a95307e0522bc2d18af015e031c6af2680a739c75150
SHA1 hash: 6715a31d0f2dad4c6eb693e3f85346878676a8cb
MD5 hash: 592670141212ce04a94fcd42025cb737
humanhash: venus-california-north-magnesium
File name: 592670141212ce04a94fcd42025cb737.jar
Signature: Adwind
File size: 407'818 bytes
First seen: 2020-06-30 09:03:55 UTC
Last seen: Never
File type: Java file jar
MIME type: application/java-archive
ssdeep: 12288:zF9+XUhrTYTqya86wIEVUoDhRJnQWIJY5BP:zFMXmXMRDLJQWIJ8BP
TLSH: 27842372A5C35F20DC8BB072340627E4B3472106C6ACB6FF56768B9D6F2901317A91ED
Reporter: @abuse_ch
Tags: Adwind jar RAT


Twitter
@abuse_ch
Adwind RAT C2:
spikeyenergy.giize.com:4242 (62.108.37.200)

Intelligence


Mail intelligence: No data
# of uploads: 1
# of downloads: 29
Origin country: US
CAPE Sandbox Detection: n/a
Link: https://www.capesandbox.com/analysis/17067/
ClamAV: SecuriteInfo.com.Java.Siggen.424.22795.5147.UNOFFICIAL
CERT.PL MWDB Detection: n/a
Link: https://mwdb.cert.pl/sample/93a5114ba8e127e9764c5306a3de171bd0e500e4aff5c0d5d13c55850955d031/
ReversingLabs Status: Malicious
Threat name: ByteCode-JAVA.Trojan.Adwind
First seen: 2020-06-30 06:24:41 UTC
AV detection: 6 of 30 (20.00%)
Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage Score: 7/10
Malware Family: n/a
Link: https://tria.ge/reports/200630-v7jdvm41ee/
Tags: persistence
VirusTotal: VirusTotal results 14.75%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Adwind

Java file jar 93a5114ba8e127e9764c5306a3de171bd0e500e4aff5c0d5d13c55850955d031 (this sample)

Delivery method: Distributed via web download
