MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 98e79b367ac37ec0d44b8bd41af6787cf54f1c396fa663cfeba476eb2e4ec698. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA 1 File information Comments

SHA256 hash: 98e79b367ac37ec0d44b8bd41af6787cf54f1c396fa663cfeba476eb2e4ec698
SHA3-384 hash: b4edce28515f526d2e046a11ea6acde3e052c24ac2528b77ea5c34a8843cd26c6c0fabccefce5012534e799a6df7e43f
SHA1 hash: 76abbf1f06648f116752f70882b342f81fb4d6f1
MD5 hash: fd52b609cb2b01eeb9d81e9fd2b7edf2
humanhash: stream-cola-wyoming-vermont
File name:attack.txt
Download: download sample
Signature n/a
File size:4'965 bytes
First seen:2022-08-05 13:06:32 UTC
Last seen:Never
File type:unknown
MIME type:text/plain
ssdeep 48:V0OBn6zALDCn/r4vGXKQuT4vGX1ebB7xxg8PzUPeSP3n5ZWibrE7xxpsGyN5nVJT:V0OB6zVnUujruYlxunExLAex91aPnL
TLSH T1A6A112BAF644C5B5C10FD2798208BC0C1524BAC3C2D02DD467BC6C169C55FCF6D616C0
Reporter @JAMESWT_MHT

Intelligence


File Origin
# of uploads :
1
# of downloads :
239
Origin country :
IT IT
Mail intelligence
No data
Vendor Threat Intelligence
Result
Verdict:
UNKNOWN
Threat name:
Script-PowerShell.Trojan.Heuristic
Status:
Malicious
First seen:
2022-08-05 13:07:07 UTC
File Type:
Text (PowerShell)
AV detection:
8 of 26 (30.77%)
Threat level:
  2/5

YARA Signatures


MalareBazaar uses YARA rules from several public and non-public repositories, such as Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious proccess dumps they may create. Please note that only results from TLP:WHITE rules are being displayeyd.

Rule name:binaryObfuscation
Author:Sean Dalnodar

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments