MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a44a0eadafd41601c5833d1e3f60b1e0ce9e7c7c43df14cd19c46b6b90dd329b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: a44a0eadafd41601c5833d1e3f60b1e0ce9e7c7c43df14cd19c46b6b90dd329b
SHA3-384 hash: f99ab7d0116ad9722b2b15c3af8b6d2b86aaf64b9a83427115994f4a6ab3c3adbcb49798cf905729e1ea244d7dba4897
SHA1 hash: 77c8a1c42498add409ba0a80d72df4f90788fa95
MD5 hash: 9457953ceee8fbbfea809c4bf62a4844
humanhash: carolina-johnny-beryllium-echo
File name: PRODUCT SPECIFICATION.pdf.zip
File size: 1'685'815 bytes
First seen: 2020-08-13 12:37:31 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 24576:Bo6T2SS4yQ3wV0tOAKDbKgarFqLSjt3i2poEQtsaqbmyTWxnCDTqOlB2okfxNfWo:KSHS4iV0GDbKRwS1+t7+iXmBjUio
TLSH: 397533FC8536AC9C0CC734B98CF5F7AE1B241596C4B4B4F6ED7E674621A31A8814C6E1
Reporter: abuse_ch
Tags: zip


abuse_ch
Malspam distributing unidentified malware:

HELO: autotrading.com
Sending IP: 37.49.230.209
From: Riccardo Corbo <purchase@autotrading.com>
Subject: purchase order
Attachment: PRODUCT SPECIFICATION.pdf.zip (contains "PRODUCT SPECIFICATION.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 59
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Generic
Status: Suspicious
First seen: 2020-08-13 12:39:07 UTC
AV detection: 2 of 48 (4.17%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

zip a44a0eadafd41601c5833d1e3f60b1e0ce9e7c7c43df14cd19c46b6b90dd329b (this sample)

Delivery method: Distributed via e-mail attachment
