MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 95bd7a62ced0c80358c8e3fd12bb8acb9aecea2b35fa43e7a343cb38ae233e5f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 95bd7a62ced0c80358c8e3fd12bb8acb9aecea2b35fa43e7a343cb38ae233e5f
SHA3-384 hash: 4c69b158d8b6d9e18a7cc27b82c73f82c08010915164e07a6b138bfd4ab94f49ec1ab59a0bf73905ec08e2ecf930efec
SHA1 hash: 245a98cac3ab0bb615aa265c2774e34c1fcf2bd3
MD5 hash: ac016bd363b76505c4b5f55fa92bf343
humanhash: uncle-iowa-tennis-zulu
File name: SecuriteInfo.com.Heur.Macro.Generic.h.4bdfa2fa.9877
Signature: n/a
File size: 176'640 bytes
First seen: 2020-06-30 17:57:06 UTC
Last seen: Never
File type: Excel file xlsx
MIME type: application/vnd.ms-excel
ssdeep: 3072:wk3hOdsylKlgryzc4bNhZFGzE+cL2knAQKKWXQ3kl/GVMfliRx4J2iSAqsaHHYat:wk3hOdsylKlgryzc4bNhZF+E+W2knAQ9
TLSH: DE04D0B2B665CD82DE75073D0EEA96851723BC0E1F9AC68B7324FB5F7F705808982506
Reporter: @SecuriteInfoCom

Intelligence


Mail intelligence
Trap location    Impact
DE Germany       Low
IT Italy         Low
Global           Medium
# of uploads: 1
# of downloads: 33
Origin country: US
ClamAV:
  TwinWave.EvilDoc.WSHCROVARCHRMATHLONGGONE.20200524.UNOFFICIAL
  SecuriteInfo.com.Heur.Macro.Generic.h.4bdfa2fa.9877.UNOFFICIAL
CERT.PL MWDB:
  Detection: n/a
  Link: https://mwdb.cert.pl/sample/95bd7a62ced0c80358c8e3fd12bb8acb9aecea2b35fa43e7a343cb38ae233e5f/
ReversingLabs:
  Status: Malicious
  Threat name: Document-Word.Trojan.Sagent
  First seen: 2020-06-30 17:59:02 UTC
  AV detection: 15 of 48 (31.25%)
  Threat level: 2/5
Spamhaus Hash Blocklist: Suspicious file
Hatching Triage:
  Score: 10/10
  Malware Family: n/a
  Link: https://tria.ge/reports/200630-n4h5myr3ks/
  Tags: n/a
VirusTotal: Virustotal results 30.00%

Yara Signatures


Rule name: SharedStrings
Author: Katie Kleemola
Description: Internal names found in LURK0/CCTV0 samples

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments