MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b0d9703714cc221faaba6dd5c4089f5866e2c2dcc8b342e7dfdd647e29ab4752. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence File information 3 Yara Comments

SHA256 hash: b0d9703714cc221faaba6dd5c4089f5866e2c2dcc8b342e7dfdd647e29ab4752
SHA3-384 hash: bb2a17226fa123f4b296dc20d0190410359984050bda04e6eeb8c1d34126a41591598435b6e96b9a65dd8305b458fad4
SHA1 hash: bb00c4aac6d8295f651a164ac4606a15eb1c7d29
MD5 hash: 1d69cee9b75e899d5d52d10dde6e0dac
humanhash: snake-oklahoma-fillet-mobile
File name:Cure Mediche.iso
Download: download sample
Signature n/a
File size:200'704 bytes
First seen:2020-03-25 18:33:05 UTC
Last seen:Never
File type: iso
MIME type:application/x-iso9660-image
ssdeep 1536:rMzzsCHx8BuUTJtzENSvysNRxIhmxMtwX1fB340qQl44444444444441CoLkwjpJ:rVS8xttzHa5bCupVMlt0
TLSH B3146B26B2B4E805CD159D351DEB9EB98D27BC255CA84E43354E7F1E2FBB242AD39300
Reporter @HerbieZimmerman
Tags:Agent Telsa

Intelligence


Mail intelligence No data
# of uploads 1
# of downloads 24
Origin country US US
ClamAV SecuriteInfo.com.Trojan.PWS.Siggen2.45639.25823.1266.UNOFFICIAL
CERT.PL MWDB Gathering data
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Injector
First seen:2020-03-25 20:49:14 UTC
AV detection:21 of 47 (44.68%)
Threat level:   5/5
VirusTotal:Virustotal results 8.33%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

iso b0d9703714cc221faaba6dd5c4089f5866e2c2dcc8b342e7dfdd647e29ab4752

(this sample)

  
Dropping
Agent Telsa
  
Delivery method
Distributed via e-mail attachment

Comments