MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9f927ec4572837ca04bf58fd4fd9eda9ead39db31f44d2c071f77e106de6eb3f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 9f927ec4572837ca04bf58fd4fd9eda9ead39db31f44d2c071f77e106de6eb3f
SHA3-384 hash: f024622fa1cf9099f0e8c0e222136c3ea872f8b1afc6c9d55a3c46bdde6b7cb5f094f992dfaa3cee35c48909cde1309d
SHA1 hash: 99d8d94cb4badfee401c0f42fa237a2bb93a750e
MD5 hash: 1ddee707847d0a0b56bf42b683849880
humanhash: double-social-hot-quiet
File name:Invoice & Packing. 91003.zip
Download: download sample
File size:496'822 bytes
First seen:2020-10-14 05:26:01 UTC
Last seen:2020-10-14 05:26:55 UTC
File type: zip
MIME type:application/zip
ssdeep 12288:Mvk5/usbhyq48QT0AlMSTkaK6gX/FGr+76yeXBCHGFIq:yk5nhyq48Q4fR6St2CeXgrq
TLSH ACB423C19E067DFB07472AE84D977455AB007102F7C27D20CA22B6F4602F5DAE696E3B
Reporter cocaman
Tags:zip


Avatar
cocaman
Malicious email (T1566.001)
From: "marketing@aplombtechbd.com"
Received: "from aplombtechbd.com (unknown [209.58.149.87]) "
Date: "13 Oct 2020 22:58:51 -0700"
Subject: "RE: Invoice & Packing List"
Attachment: "Invoice & Packing. 91003.zip"

Intelligence

File Origin
# of uploads :
2
# of downloads :
88
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.Packed2.42629.22136.31009.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/9f927ec4572837ca04bf58fd4fd9eda9ead39db31f44d2c071f77e106de6eb3f/
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Create hunting rule
Status:
Malicious
First seen:
2020-10-14 00:05:23 UTC
File Type:
Binary (Archive)
Extracted files:
14
AV detection:
21 of 29 (72.41%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=t6jh5rcxfa34ubf7ld6u7wpnvhvnhhntd5cnfqdr657ba3pg5m7q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.65
Link:
https://yomi.yoroi.company/submissions/9f927ec4572837ca04bf58fd4fd9eda9ead39db31f44d2c071f77e106de6eb3f

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

zip 9f927ec4572837ca04bf58fd4fd9eda9ead39db31f44d2c071f77e106de6eb3f

(this sample)

Executable exe a2e772a2b72091fc5996f64198684e85e9d521f620d435c90e36d3327ad44592

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 a2e772a2b72091fc5996f64198684e85e9d521f620d435c90e36d3327ad44592

Comments