MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ae16b7a25283aabacbeeab2a81277fa12ee09b6a72b8f1e94865a2d7e51d1ba7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AveMariaRAT


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ae16b7a25283aabacbeeab2a81277fa12ee09b6a72b8f1e94865a2d7e51d1ba7
SHA3-384 hash: 19e85339c139f3d0e378ecd1e27f40644ae818df7370aa67e8550e1687e77754879f462ee87409d49fc4d44db68f4da1
SHA1 hash: 319dbb125e0d7dfa0e3ca03a03b91b74f5b736c9
MD5 hash: bdba34c1aa708c28bb92c08393c7e102
humanhash: juliet-tennis-victor-burger
File name:Policja.iso
Download: download sample
Signature AveMariaRAT
Create hunting rule
File size:1'159'168 bytes
First seen:2020-10-22 08:12:18 UTC
Last seen:Never
File type: iso
MIME type:application/x-iso9660-image
ssdeep 12288:TfbnamhHbXW763V8d8OAqUo3priVlP3lVJN2wNkmRPxkcIhlhweV+8YZqckawUNO:Tf75m8OWo0l/iOk4PHIhFluYyej
TLSH C2356C127290C332C13696B9CD5FA7BC59A5BE40AD247887FAFC3D4D6B35E80242B257
Reporter abuse_ch
Tags:AveMariaRAT geo iso POL


Avatar
abuse_ch
Malspam distributing unidentified malware:

From: Policja <notifications@policja.pl>
Subject: Ostatnie zaproszenie od policji
Attachment: Policja.iso (contains "Policja.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
78
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Variant.Zusy.322401.10551.27714.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ae16b7a25283aabacbeeab2a81277fa12ee09b6a72b8f1e94865a2d7e51d1ba7/
Threat name:
Win32.Infostealer.Fareit
Create hunting rule
Status:
Malicious
First seen:
2020-10-22 06:50:14 UTC
AV detection:
14 of 29 (48.28%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=vyllpissqovlvs7ovmvicj37uexobg3kok4pd2kimwrnpzi5dotq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AveMariaRAT

iso ae16b7a25283aabacbeeab2a81277fa12ee09b6a72b8f1e94865a2d7e51d1ba7

(this sample)

AveMariaRAT

Executable exe d0bac6ada2cd0b49ac66bdaa4265e6cb61df1a4339f50cc7b7bdaade9029337e

  
Dropping
MD5 85ec2d803a35ae30539801820a0efffa
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 d0bac6ada2cd0b49ac66bdaa4265e6cb61df1a4339f50cc7b7bdaade9029337e

Comments