MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a51908ee460d2eddce52a35ba5507424eabed6210a32529ec44cb374d1354e3b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a51908ee460d2eddce52a35ba5507424eabed6210a32529ec44cb374d1354e3b
SHA3-384 hash: 64791560d1568f7ad8f0ad9bdc926326d27b4701f959a3057a3a2e9e6f1783af00ed39ad61442624dc95b84e107f2fcb
SHA1 hash: 68d7859a9fae9da967d87195a26ff3c754f4d5e9
MD5 hash: 6f2e38c431fb8cae4cf2fe56bd417a34
humanhash: twelve-september-grey-thirteen
File name:Payment Instructions.rar
Download: download sample
File size:44'854 bytes
First seen:2020-10-19 10:46:58 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 768:3h/7iAH8ltghguOPmjaEGim1na+DY9FGqbEeNalKDx:x/kYgVuOiONzQalM
TLSH 0C130271C4E8A9175DC22F98A896FC4C21473B877DE73C43940B35E69C3B87151F99A2
Reporter abuse_ch
Tags:rar


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: outgoing1.cpt4.host-h.net
Sending IP: 197.189.247.34
From: desiree@zilwa.co.za <info@prosec247.co.za>
Subject: RE: Please urgent!!
Attachment: Payment Instructions.rar (contains "Payment Instructions.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
77
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a51908ee460d2eddce52a35ba5507424eabed6210a32529ec44cb374d1354e3b/
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-10-19 06:43:19 UTC
AV detection:
4 of 48 (8.33%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=uumqr3sgbuxn3tssunn2kuduetvl5vrbbizffhwejszxjujvjy5q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/a51908ee460d2eddce52a35ba5507424eabed6210a32529ec44cb374d1354e3b

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

rar a51908ee460d2eddce52a35ba5507424eabed6210a32529ec44cb374d1354e3b

(this sample)

Executable exe 6e20664d2fe24eb628559b32a5399dd8645a9bcb9c0bb2b934c23aa6d1fc0f7d

  
Dropping
MD5 95a451b1ca2a40fbcda778346cb1aca7
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 6e20664d2fe24eb628559b32a5399dd8645a9bcb9c0bb2b934c23aa6d1fc0f7d

Comments