MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9698437ebee173480497cf5c1a1f3d60a6a6eb0ed51eeac1b90929e149bce2d0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 9698437ebee173480497cf5c1a1f3d60a6a6eb0ed51eeac1b90929e149bce2d0
SHA1 hash: 1c8c75936f9def42e34d7d28f208696d0d40ef0b
MD5 hash: 4f11d0e0894c4d1ca9bc26cedd4547a5
File name: SecuriteInfo.com.Trojan.MSOffice.SAgent.gen.12833
Signature: Dridex
File size: 61'051 bytes
First seen: 2020-05-22 09:54:43 UTC
Last seen: Never
File type: Excel file xlsx
MIME type:application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
ssdeep: 1536:HNnfSPhKCwPFmSTZRTqKurEDzloc7xAbHNrhSWktZGROrgi59RKRrLJXM:HNaJKCMMCZdzz7nJ6Urx5PWrhM
TLSH: 9353F129C6169C09C6D615BD410854F1631D0D82A547FA4F7EC0F28877979C7F78F2BA
Reporter: @SecuriteInfoCom
Tags: Dridex

Intelligence


Mail intelligence
Trap location    Impact
IT Italy         Low
Global           High
# of uploads: 1
# of downloads: 22
Origin country: US
ClamAV: TwinWave.EvilDoc.SOBRASSMUCHPOCKETS.20200521.UNOFFICIAL
        SecuriteInfo.com.Trojan.MSOffice.SAgent.gen.12833.UNOFFICIAL
VirusTotal: Virustotal results 11.29%

Yara Signatures


Rule name: ach_Dridex_xlsm_20200528_2
Author: abuse.ch

Rule name: SharedStrings
Author: Katie Kleemola
Description: Internal names found in LURK0/CCTV0 samples

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments