MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b901f2320a7011a69a6b7013bc99be0e904f55f1bc37b3091b014e894bc3db24. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information 13 Yara 1 Comments

SHA256 hash: b901f2320a7011a69a6b7013bc99be0e904f55f1bc37b3091b014e894bc3db24
SHA1 hash: d4a975a866b4e4227a90168e0bc4ef7542ac4bfd
MD5 hash: e28c6a5e9f89694a0237fe4966a6c32c
Download: download sample
Signature Phorpiex
File size:967'680 bytes
First seen:2020-05-23 11:46:42 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 179f503f2595426f809b8b283fc488b8
ssdeep 3072:M/l1TNbnAm2MdyEa+PIO6NWOhP3E7frdw/DFjBp2P3+c:6l1TxAmNkWaPUsFjLn
TLSH F2253B6AF75188A3F0321D70486FCA7111E2BC546010551E76AA3F2F79F63622AAF71F
Reporter @SecuriteInfoCom


Mail intelligence No data
# of uploads 1
# of downloads 18
Origin country FR FR
VirusTotal:Virustotal results 38.89%
ReversingLabs :No data

Yara Signatures

Rule name:win_phorpiex_auto
Author:Felix Bilstein - yara-signator at cocacoding dot com
Description:autogenerated rule brought to you by yara-signator

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe b901f2320a7011a69a6b7013bc99be0e904f55f1bc37b3091b014e894bc3db24

(this sample)