MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b4b415e7d67765bc5bfa1fcdee616dfaceb6b90678fabcae8b37c0bdd0ed0235. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: b4b415e7d67765bc5bfa1fcdee616dfaceb6b90678fabcae8b37c0bdd0ed0235
SHA3-384 hash: 6f3c6d3d815b9ed2a5ff63e198c0c9ce4d216128199995477d460b0cfdc05eceada1d79709d9aebaba6fa9347aaa96ab
SHA1 hash: 6bd3dd50e50a9b6432ecce6968214713200bfe0f
MD5 hash: a4f8cedcbe3c1a12990d09cee1f27180
humanhash: mike-johnny-grey-snake
File name: 5926c1d9a0abb58d47a28d4272cadd95
File size: 927'232 bytes
First seen: 2020-11-17 12:27:54 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: f34d5f2d4577ed6d9ceec516c1f5a744 (48'744 x AgentTesla, 19'611 x Formbook, 12'242 x SnakeKeylogger)
ssdeep: 12288:yhgNAsI/pMPjOzyFFSXnKbHiJ6/4ak50jKf:dYh8jOGFFfbHi6E
Threatray: 140 similar samples on MalwareBazaar
TLSH: 5C1543A440DE10D1E15FC67625AE7FB4C2B2BDC79EC65A08036BE1F01A69E133A3D5C9
Reporter: seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 57
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Behaviour
Sending a UDP request
Creating a window
Creating a file
Threat name: ByteCode-MSIL.Infostealer.Azorult
Status: Malicious
First seen: 2020-11-17 12:31:43 UTC
AV detection: 22 of 48 (45.83%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Unpacked files
SHA256 hash: b4b415e7d67765bc5bfa1fcdee616dfaceb6b90678fabcae8b37c0bdd0ed0235
MD5 hash: a4f8cedcbe3c1a12990d09cee1f27180
SHA1 hash: 6bd3dd50e50a9b6432ecce6968214713200bfe0f

SHA256 hash: fa3091695bed1ab4ea1cbc8eb271f1b1827408264e22253a2dabf7d466b4e73a
MD5 hash: 2cb03884ead38ff419cef08b734c6d61
SHA1 hash: 5a696a4f404ceea1ffe82c1a9b7b6e703ef3f063
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other

Comments