MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b82709866f3f2651a08e22ef94f52526e666a9e030cf7ff605375567e02d3121. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: b82709866f3f2651a08e22ef94f52526e666a9e030cf7ff605375567e02d3121
SHA3-384 hash: 1f792eae01ec61226763778ea0fa41a1c0a216202b3d80232e36293741821efaf40c18fb554687b4bbac39318317febc
SHA1 hash: d56c91eb6a51998b0d67276273c5919f9e5f3e39
MD5 hash: ffb956a86dfe17870696e2933fd4078e
humanhash: earth-maine-salami-texas
File name:SecuriteInfo.com.Win32.DH_YgM2gmw.3030.10636
Download: download sample
File size:965'120 bytes
First seen:2020-05-28 18:18:20 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash de876721e364be8b9a5975feb1009176
ssdeep 12288:0KZlgXqoVxLZyOffRpf57LKKaEeNzRs0s1q4UjVgmHlvH/70:0OmXqoHdnDERESFsxy/vz0
Threatray 1 similar samples on MalwareBazaar
TLSH 95252929FB0765F0D62797B2859EEB7B8714BA158022EE7FFF4BDA04E4334123845261
Reporter SecuriteInfoCom

Intelligence

File Origin
# of uploads :
1
# of downloads :
69
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Win32.DH_YgM2gmw.3030.10636.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
Win32.Trojan.Clipbanker
Create hunting rule
Status:
Malicious
First seen:
2020-05-24 01:10:19 UTC
File Type:
PE (Exe)
AV detection:
22 of 31 (70.97%)
Threat level:
  5/5
Verdict:
suspicious
Similar samples:
6d38e557e684a8e59acb2767457a4bf54ab1942e7edb4438cf14ec74e765d11b
Result
Malware family:
n/a
Score:
  8/10
Tags:
n/a
Link:
https://tria.ge/reports/201109-ppj39qgxye/
Behaviour
Creates scheduled task(s)
Suspicious use of WriteProcessMemory
Executes dropped EXE
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe b82709866f3f2651a08e22ef94f52526e666a9e030cf7ff605375567e02d3121

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/371255/
  
Delivery method
Distributed via web download

Comments