MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9d6bd6a6caed8cbef5c95ed13d01a1e6c72e9e62b513261c0fabf100ff82abb9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 9d6bd6a6caed8cbef5c95ed13d01a1e6c72e9e62b513261c0fabf100ff82abb9
SHA3-384 hash: 98602a0c76d836ba6efc3c53f264a57f95f248e0326d6ba69a2a4c924b7d392c8b5622ad5616be8b3bacf406f0e56012
SHA1 hash: 0f3031ed436faf9c6c45f76b539a2cdb9138db39
MD5 hash: 0e3025682bb60bc27a0de64e9ccdc742
humanhash: moon-six-michigan-edward
File name:639e16012191ad53bdb2e8c61f047d70
Download: download sample
File size:1'576'960 bytes
First seen:2020-11-17 12:17:57 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 2f095340e94ca508e3b83fb009ebf4cc (18 x Renamer)
ssdeep 24576:DcCT67wH3Wis4l+j1ACFzohqDiL/pS1DN93Lib6W8cU4gLQ5A:QCmn8qe4CsJib6W8cU40
Threatray 897 similar samples on MalwareBazaar
TLSH DE75010BDEEB116BFC552B71D02548B310FBF9F60F464722B6E1E60D2A70FA165384A6
Reporter seifreed

Intelligence

File Origin
# of uploads :
1
# of downloads :
58
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Win.Packed.Ponystealer-6733035-0
Create hunting rule

Win.Trojan.VBGeneric-6989114-0
Create hunting rule

Result
Verdict:
Malware
Maliciousness:

Behaviour
Creating a window
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/9d6bd6a6caed8cbef5c95ed13d01a1e6c72e9e62b513261c0fabf100ff82abb9/
Threat name:
Win32.Trojan.DistTrack
Create hunting rule
Status:
Malicious
First seen:
2020-11-17 12:23:44 UTC
AV detection:
26 of 28 (92.86%)
Threat level:
  5/5
Verdict:
unknown
Similar samples:
188538804ed1b796ad27deddc451c9912a0d4a1450412e87be2da6c84e5a8e69
53174a644680154786d09b66cc8c4a1aa83c625bd10137600bf191573fa5c602
54fada6c9bfdc946561633bf5e3788d1921b6635629c02b6ba9a91ad7c008b60
67f4f7cc31f0ceaa09aee924d8930f653f2af08870b66ae7b4258200908a3c9a
686eca2834dd77a34fa608e4cd4507c6ac57613a41a705ad848b81fe8dbfcec4
97a6b33da5bd1caba8bf16c1a6457bda8b50ccc25d154962e53d437a8c35661f
ab703a3bc7d05c62bcc127febfd82a7903a47f45664b5195ada070eb748d5b25
b6177b19a010725f003f7828862f9217af33f3b38a517a40c94c7e8174a91c95
be98190a6bf8bc5b3781fd7e68b8d57d5a0bc2b9c66a7106dd32495b44a9154d
e78fc612cad822b8532351787c4da091dd4ddbfc499d3563050b21c6ba5c0fef
+ 887 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/201117-ph4hetb2a6/
Behaviour
Suspicious use of SetWindowsHookEx
Unpacked files
SH256 hash:
9d6bd6a6caed8cbef5c95ed13d01a1e6c72e9e62b513261c0fabf100ff82abb9
MD5 hash:
0e3025682bb60bc27a0de64e9ccdc742
SHA1 hash:
0f3031ed436faf9c6c45f76b539a2cdb9138db39
Link:
https://www.unpac.me/results/c75463f5-a057-4278-a3f2-35bbc7c528f2/
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments