MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b96587b68a04dbfe6712ed71590d3b8bdc136e3b2fb451bb37de3315a4229b53. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


LuminosityLink


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: b96587b68a04dbfe6712ed71590d3b8bdc136e3b2fb451bb37de3315a4229b53
SHA3-384 hash: fc2bdca3843d4c6097cc442c4b6823107066d3870fa52ee8a142b1440dd7506ea92814086cc0ad8bbcc79a1b72922a3e
SHA1 hash: 6b0e6dc1ed63bafdf7af8d5985b052b97dcf9ac4
MD5 hash: 500f5cd6b8d7cb701618540025890ad4
humanhash: fish-august-venus-maine
File name:Quote_890033-1636836662.7z
Download: download sample
Signature LuminosityLink
Create hunting rule
File size:261'791 bytes
First seen:2020-07-02 07:02:58 UTC
Last seen:Never
File type: 7z
MIME type:application/x-rar
ssdeep 3072:z6Xp4Xh3NPajGp+D/g3I/XCU+WErQUGzKpjEnIF6CAZK1vKtIcvhkRN6UMSVW5/z:uXp2ABPD+WErVFEID8EvnUkRN6x5D9Rj
TLSH C24423548EDBDDCAE124070B2E42763EDB7E5358C84288716F7F5C9AC248C77894AD2E
Reporter abuse_ch
Tags:7z LuminosityLink


Avatar
abuse_ch
Malspam distributing LuminosityLink:

HELO: lucky1.263xmail.com
Sending IP: 211.157.147.130
From: 席俊 <xj@jhdq-zj.com>
Subject: 36528900-1636836662
Attachment: Quote_890033-1636836662.7z (contains "Quote14890033-1636836662P647728279389300373.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
105
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/b96587b68a04dbfe6712ed71590d3b8bdc136e3b2fb451bb37de3315a4229b53/
Threat name:
Win32.Trojan.Avemariarat
Create hunting rule
Status:
Malicious
First seen:
2020-07-02 07:04:06 UTC
AV detection:
18 of 29 (62.07%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=xfsypnukatn74zys5vyvsdj3rpobg3r3f62fdozx3yzrljbctnjq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

LuminosityLink

7z b96587b68a04dbfe6712ed71590d3b8bdc136e3b2fb451bb37de3315a4229b53

(this sample)

LuminosityLink

Executable exe a788ea8c9c5bbe20b11f00d99f49c22656f0f2f8456f085d206ba770b4649938

  
Dropping
MD5 eefda45bc4b4e06a2dde315b68005195
  
Dropping
LuminosityLink
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 a788ea8c9c5bbe20b11f00d99f49c22656f0f2f8456f085d206ba770b4649938

Comments