MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ac8ccb4e061660998bc269d9b94f95dade11a4fe09a4457f5155ead8bfa74680. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ac8ccb4e061660998bc269d9b94f95dade11a4fe09a4457f5155ead8bfa74680
SHA3-384 hash: 1a77d7d961a98ff90b023f777884e8bc5d6816b8acc6847c4f88a69056bdad34647ca238b699447cec3a555c553e49c7
SHA1 hash: ffa6583c4bbcb28999f66b90a5d5276fb145fae3
MD5 hash: 014669d29b044feda91dcb8ad200c853
humanhash: four-equal-alanine-uranus
File name:netwalker ransomware.ps1
Download: download sample
File size:931'117 bytes
First seen:2020-06-26 13:42:41 UTC
Last seen:2020-06-29 15:04:39 UTC
File type:PowerShell (PS) ps1
MIME type:text/plain
ssdeep 6144:y/WXp13E8LFVy9KrE0zxiRgvLK9H/sG8todmCn4q/FVv4fTYnGu9AKC8+3j:y2rbVvZtqzZGKC8+3j
TLSH C115FD923591B2B701DAC735BE4A06F905BAC702D58B25C9F48C1AADF2DCB6735DA3C0
Reporter JAMESWT_WT
Tags:NetWalker Ransomware

Intelligence

File Origin
# of uploads :
2
# of downloads :
2'490
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Troj.NetWalk-B.12034.23653.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ac8ccb4e061660998bc269d9b94f95dade11a4fe09a4457f5155ead8bfa74680/
Threat name:
Script-PowerShell.Ransomware.Netwalker
Create hunting rule
Status:
Malicious
First seen:
2020-06-26 13:11:46 UTC
File Type:
Text (PowerShell)
AV detection:
26 of 48 (54.17%)
Threat level:
  5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments