MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a751b1f39e0eb2ab9a6246ad1597c6df78ccacde11c723c710498f01146739d1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a751b1f39e0eb2ab9a6246ad1597c6df78ccacde11c723c710498f01146739d1
SHA3-384 hash: 2f1823e71c03eee52baa1049015797a97624299c2965f9ba97ca070a86a0222111dd811100c7de3bfa81406988e339c9
SHA1 hash: 794e723f7fafdd79b467976216476cf44ffd2114
MD5 hash: 2e56a0093b787297588dc103db2c6fb2
humanhash: eleven-mexico-white-four
File name:SecuriteInfo.com.Program.Unwanted.3148.16247.10006
Download: download sample
File size:4'487'552 bytes
First seen:2020-06-02 09:34:30 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash e00de6e48b9b06aceb12a81e7bf494c9 (20 x Adware.Generic, 1 x CoinMiner)
ssdeep 98304:vG5Qg4T2EsIHKXZf0GMueffPhBnBuKI5B:vG582EsxJfvMnznBuH
Threatray 51 similar samples on MalwareBazaar
TLSH 7526331138E840B6EB4149318CD57BD6DAFADD351A110CA7B79503AD1F3E9E6822EE3C
Reporter SecuriteInfoCom

Intelligence

File Origin
# of uploads :
1
# of downloads :
61
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Program.Unwanted.3148.16247.10006.UNOFFICIAL
Create hunting rule

PUA.Win.Adware.Browsefox-6628766-0
Create hunting rule

PUA.Win.Trojan.Generic-6629274-0
Create hunting rule

Gathering data
Threat name:
Win32.PUA.Webcompanion
Create hunting rule
Status:
Malicious
First seen:
2020-04-06 08:14:03 UTC
AV detection:
7 of 31 (22.58%)
Threat level:
  1/5
Verdict:
malicious
Similar samples:
0f9e47562665ef5a863f2b412455f66244c6614dff49a96006473e3604b0c6f8
45ccf8e379c900f0c7496e4debe1ad4550256f6162383baba5f1344e5d9ca250
49e33a3617c0c948569f0e862d090992582eec0e371c471f18074132c85f014b
5199bcc83cf3eb34e56478868237b872fe3795b3ee5b04395ac805a98425801d
649be52b6b0d362efcfc6f1dd79a6b8fbcf85eb2b68f0138f87b6e1cc7e5a418
9b861daa0a7b4276df89a7ec49d2dd3388366ad60a3058df70525313799a0d05
ce7fab69a6c10146ac89e121fbe204ca424cd886c4763674eb2e9260b2f6b722
d0198b775182eab3ed405bd0d946006ec8616b61083e643200d1d34fe8cae2f3
d27db19db72691d403d38243719346bca79efb3f81b6c44d9fd3cd9dfff83b9d
dc4e1c802da2d466553edf5214995a10c49306b9dd9d87a90385c7f20f29adca
+ 41 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  8/10
Tags:
discovery
Link:
https://tria.ge/reports/201109-h2kx8mzqf2/
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Checks for any installed AV software in registry
Checks installed software on the system
JavaScript code in executable
Loads dropped DLL
Executes dropped EXE
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments