MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9db4dbb3ffb3e086db94256baaaf7c794e0661132c87f8061d5fca5a4f9d1519. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 9db4dbb3ffb3e086db94256baaaf7c794e0661132c87f8061d5fca5a4f9d1519
SHA3-384 hash: 07951ca98df1a3311b9bc4c3a1bf86ca92e5e8dacb0f78c94e93f80319ebba87f7ec0accb3c17044cf2375f347edca31
SHA1 hash: 4d8b54387fc1e09977f42d4750057ed47ed6d144
MD5 hash: fcf375fe71155ddecd1c4b9d03599011
humanhash: johnny-alabama-kansas-aspen
File name:raw
Download: download sample
File size:2'711 bytes
First seen:2024-07-16 21:34:37 UTC
Last seen:Never
File type:
MIME type:text/plain
ssdeep 48:NspzMQcg/qto8t5NIE7TF7sMksjlBlMy6qKSnfBhPhRJesnOHjgwSsnE6I/IUVZ:NJU/qGmbIE7TrtKcB7R4zGI+Z
TLSH T15B51A5DB1135B1A5D651B0E94359A2D1CC8B1E9FD4894317818C8C6D2614FBEFFBF811
Reporter NDA0E
Tags:NetSupport ps1 ps11


Avatar
NDA0E
https://rentry.co/h45o2zof/raw

Intelligence

File Origin
# of uploads :
1
# of downloads :
129
Origin country :
NL NL
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.PS1.INVOKERBOT.SMA.hp.27207.14120.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
81.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=6697789cda4062e29ae89e10
Tags:
n/a
Verdict:
Malicious
Threat level:
  10/10
Confidence:
86%
Link:
https://www.filescan.io/uploads/6696e787a537d9330bde7dd4/reports/c67d6135-bf16-4edf-afcb-14281ae5427a/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/9db4dbb3ffb3e086db94256baaaf7c794e0661132c87f8061d5fca5a4f9d1519
Result
Verdict:
MALICIOUS
Score:
100%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/9db4dbb3ffb3e086db94256baaaf7c794e0661132c87f8061d5fca5a4f9d1519
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/9db4dbb3ffb3e086db94256baaaf7c794e0661132c87f8061d5fca5a4f9d1519/
Threat name:
Script-PowerShell.Trojan.Invokerbot
Create hunting rule
Status:
Malicious
First seen:
2024-07-16 21:35:06 UTC
File Type:
Text
AV detection:
5 of 24 (20.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=tw2nxm77wpqinw4uevv2vl34pfhamyitfsd7qbq5l7ffut45cumq._file
Verdict:
unknown
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/9db4dbb3ffb3e086db94256baaaf7c794e0661132c87f8061d5fca5a4f9d1519

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

9db4dbb3ffb3e086db94256baaaf7c794e0661132c87f8061d5fca5a4f9d1519

(this sample)

  
Delivery method
Distributed via web download

Comments