MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a36c8ea0188ddc3ed8f06c8e352bb314bc222fef6f9baeb211cd97ac62462dec. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	a36c8ea0188ddc3ed8f06c8e352bb314bc222fef6f9baeb211cd97ac62462dec
SHA3-384 hash:	caa89e887899c561b9468625817566b8acf125773245d9f023f6017d6fa27638aee9fadc50832f0ba91ee0ae7465c88d
SHA1 hash:	1e864f8e4ba0d3dbe44b5954e1b0da4f29df39d0
MD5 hash:	c642dea006346c7c4e9644b128440a43
humanhash:	music-kitten-queen-alanine
File name:	May10-2023-Invoice-DocuSign.zip
Download:	download sample
File size:	23'994 bytes
First seen:	2023-05-27 02:08:44 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	384:ROKbct47XekAtQep/SUyuWKRH2Cl0F9q0cyZnITjI4VB89sxihXet/GzvtdVKp/V:Jot4LFiUYpl0F9epjISB89sxotzUp6k
TLSH	T176B2E024F93E4FFBB09D7DAF6EB547AA3C8C44BB07135C6643C9E4DCA8924702561851
TrID	80.0% (.ZIP) ZIP compressed archive (4000/1) 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter	malware_traffic
Tags:	159-65-42-223 js zip

Intelligence

File Origin

# of uploads :

# of downloads :

261

Origin country :

File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:	May10-2023-Invoice-DocuSign.js
File size:	51'448 bytes
SHA256 hash:	44737c01c93b96afcbb96c0b38993594d29a0a07d625999ef503c8424da90b0e
MD5 hash:	d975b425bf0bf640e5825b5b92654fac
MIME type:	text/plain

Vendor Threat Intelligence

Detection(s):

Sanesecurity.Foxhole.JS_Zip_1.UNOFFICIAL

Result

Verdict:

Clean

File Type:

JS File

Link:

https://app.docguard.net/a36c8ea0188ddc3ed8f06c8e352bb314bc222fef6f9baeb211cd97ac62462dec/results/dashboard

Verdict:

Likely Malicious

Threat level:

7.5/10

Confidence:

100%

Tags:

obfuscated

Link:

https://www.filescan.io/uploads/64716640adebac48a7f88365/reports/7c9fbb93-e44b-416e-a070-007677029101/overview

Verdict:

Malicious

Labled as:

HEUR/Suspar.Generic

Link:

https://www.hybrid-analysis.com/sample/a36c8ea0188ddc3ed8f06c8e352bb314bc222fef6f9baeb211cd97ac62462dec

Result

Verdict:

MALICIOUS

Link:

https://labs.inquest.net/dfi/sha256/a36c8ea0188ddc3ed8f06c8e352bb314bc222fef6f9baeb211cd97ac62462dec

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/a36c8ea0188ddc3ed8f06c8e352bb314bc222fef6f9baeb211cd97ac62462dec/

Threat name:

Win32.Trojan.Callisto

Status:

Malicious

First seen:

2023-05-10 19:52:04 UTC

AV detection:

10 of 36 (27.78%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=unwi5iayrxod5whqnshdkk5tcs6cel7pn6n25mqrzwl2yysgfxwa._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/230527-gqwlsabc3v/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Suspicious File

Score:

0.60

Link:

https://yomi.yoroi.company/submissions/a36c8ea0188ddc3ed8f06c8e352bb314bc222fef6f9baeb211cd97ac62462dec

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample