MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b9bdb84167be00581ef100106f58391145e2721f272417c54ad6f7a830ec0683. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: b9bdb84167be00581ef100106f58391145e2721f272417c54ad6f7a830ec0683
SHA3-384 hash: 16c191ef7555fd04d481c8732aeb9ca1d2d57334aa944aa298f16223217c0f93befbc0f352547631d0a22c5c3c5190ce
SHA1 hash: 704c10f761b23f138e6c4cab150b28fdcc012428
MD5 hash: 4e2b7184c4118af4bb2b55c119c96909
humanhash: london-timing-bulldog-nevada
File name: 485型设备资料包.rar
File size: 39'842'925 bytes
First seen: 2025-11-30 08:16:37 UTC
Last seen: Never
File type: rar
MIME type: application/x-rar
ssdeep 786432:Dgj3IKQVFzsz9BmXJebmztRF7P4pcOOrAaTCBq7h4IM6s:03DWez9kZzH5zOld5Im
TLSH T1619733D507AE0A239E75716384B07597358A303D213F32896E80FCA1AD6FC93F5AD4DA
TrID 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Magika rar
Reporter juroots
Tags: rar

Intelligence


File Origin
# of uploads: 1
# of downloads: 33
Origin country: CH
File Archive Information

This file archive contains 23 file(s), sorted by their relevance:

File name: SETUP.EXE
File size: 83'800 bytes
SHA256 hash: 64c4e60a7b5c3799fba275082a05b68dd5b6ab03d63af0cdb31c59bca57297b5
MD5 hash: b1a3b36f23c209dd6467b91dfdadd8eb
MIME type: application/x-dosexec

File name: 485设备参数配置工具V5.0.9.0.exe
File size: 40'127'488 bytes
SHA256 hash: 3a310317f9a3a9d06aab937a83f1b04d11518e27d911d3b154ccd863973e3885
MD5 hash: 616f0c28ad1f2fba1302a94e85125dcd
MIME type: application/x-dosexec

File name: CH341S98.SYS
File size: 19'680 bytes
SHA256 hash: 0ecd1222627271ea31d3b64796992b6daf5133d64cc26d43b3873cbe32fd59cb
MD5 hash: b6f4a83911336e84bead8f8905285fab
MIME type: application/x-dosexec

File name: DRVSETUP64.exe
File size: 42'328 bytes
SHA256 hash: 552e57f3100bbf78bda39cce9e9cf0e3016551a9197c0757a9746e7a08e71aba
MD5 hash: 6dcd5bc85a93d86c24f03942541a5678
MIME type: application/x-dosexec

File name: CH341SER.VXD
File size: 20'089 bytes
SHA256 hash: 2a946f316edd7e1185deeafdc2de52b2d2843198be098a724233c12f9ccd0dae
MD5 hash: be7438420f1da854917f58cad557476d
MIME type: application/x-dosexec

File name: ch341SER.CAT
File size: 9'822 bytes
SHA256 hash: 18fab08ba0a79cc57b7a0ce8724cd17e0724b3e0a51bdba364ae9c236d02dddc
MD5 hash: 1f7fe778164d85076e97b10363661cfb
MIME type: application/octet-stream

File name: CH341SER.SYS
File size: 39'696 bytes
SHA256 hash: 1e2dd8eb6cc1095f8113448724354567aa8ceac269391cc72b7adcbf657cd53a
MD5 hash: 4798c1ad22baf6ff25451e2194e034d1
MIME type: application/x-dosexec

File name: Commix.exe
File size: 200'192 bytes
SHA256 hash: 0a692674409b4d38357b18cda25e2fa639d0e00f15a645775becefceac20b1a7
MD5 hash: 5c82cb64455f9a9e713c77ddd6ebdff9
MIME type: application/x-dosexec

File name: sscom42.exe
File size: 732'672 bytes
SHA256 hash: 3252e962e1cd624d9c98869d9e93ab1779e997468583efd99be2a8e2274ab7a5
MD5 hash: c66a51ebf91fbb11d9fa371b06359434
MIME type: application/x-dosexec

File name: CH341PT.DLL
File size: 6'712 bytes
SHA256 hash: 45494ce819c1b5c21abb72dc47a0ca36807e0ed74ce55b631da174c77a9b24db
MD5 hash: 69b6fec924c30042d329ae56ca8925cc
MIME type: application/x-dosexec

File name: CH341S64.SYS
File size: 58'368 bytes
SHA256 hash: 1a48a57d7ff5332ad380af7884f516548db535cfe23f3ae7d5af291307cbc435
MD5 hash: c58ec27035731337add1326880086b16
MIME type: application/x-dosexec

File name: 485设备现场接线手册.pdf
File size: 493'061 bytes
SHA256 hash: aa9f4f44b58cf5ee6bea63e24fca60f371ce1ae2c30fee22a6600b01751448f7
MD5 hash: 81750c3364efebcccd1f96cf5ba1b64d
MIME type: application/pdf

File name: 组态王通讯例程.rar
File size: 84'799 bytes
SHA256 hash: 7101a6cf50435f2c85482333460aa859564dcedd658a982f0bf519c20d550dd4
MD5 hash: a0ed5f5b4372786b6446528baf5d3bcb
MIME type: application/x-rar

File name: CH341SER.INF
File size: 5'895 bytes
SHA256 hash: 855213b81a595ad11e2bb8738698baf1c7ea11be964aeb473a3ba47f778e2c75
MD5 hash: b768daedadcc5c22f204a7f9ccd72a84
MIME type: application/x-setupscript

File name: ModBus智配通APP用户手册.pdf
File size: 515'134 bytes
SHA256 hash: 673ee23260d793a11451bdf62431b639178f5d959994b0a7dc38cdbea4eec56f
MD5 hash: 3c2843635e156e2a77043ba6ff2eb321
MIME type: application/pdf

File name: commix使用说明.pdf
File size: 161'619 bytes
SHA256 hash: 8628c71b66fe5f0273c28667ed3461c3492f02ebf59a1113fd2f158a3b3f78d6
MD5 hash: efb54a1dda00f3f3c7518822dfe54cb6
MIME type: application/pdf

File name: 西门子SmartPLC通信例程.rar
File size: 87'646 bytes
SHA256 hash: 446015a1cbfca71c10658d8afe86cf6c0914888fd082e141cd96005243d03bc4
MD5 hash: f99b27650701c540496633bc409acfd1
MIME type: application/x-rar

File name: 参数设置软件使用说明.pdf
File size: 190'848 bytes
SHA256 hash: 9654dcb173a9cf01409b410f820621e1f724a93a55f017da9370f02b59968e4c
MD5 hash: d062814fcd5145d6b2174a34e378fbfc
MIME type: application/pdf

File name: 三维力控通讯例程.rar
File size: 2'736'574 bytes
SHA256 hash: e2fafbe9de8a6de17ee8d7b4d05a56ab529aa860c6a4f0c6af88b3e0952794c7
MD5 hash: 2e4f8d64d9c2d0a3eeff8fe00befcee8
MIME type: application/x-rar

File name: 昆仑通态通讯例程.rar
File size: 423'133 bytes
SHA256 hash: d2d4737d3167be411b9a56600cda6567853bf4e09cc5c66655cfa55f0e23722b
MD5 hash: 72a3129c8d71f7ae37657c2e87049355
MIME type: application/x-rar

File name: 串口助手使用说明.pdf
File size: 150'337 bytes
SHA256 hash: 1c289bc758b5c31fef34dbd26d77745640ae0f0f7ed8c9328e8a51bfb9c6a1d0
MD5 hash: 27419ad4a97e4c441a6971a640fa941d
MIME type: application/pdf

File name: 调试软件简介.txt
File size: 332 bytes
SHA256 hash: b395b5a4d0e343b907f8a4f086b4b214a081ad10f5f819ad62b38b394f326288
MD5 hash: 5e3a3d0e4b6f032f6f696449ee2f1ac7
MIME type: text/plain

File name: sscom.ini
File size: 2'065 bytes
SHA256 hash: a7a31e50a123588382145e541644f28865e1a46d4f52727b3c1173b14bfc0528
MD5 hash: 089e3d7f2fdadf46131daad83399ba1e
MIME type: text/plain

Vendor Threat Intelligence
Details
No details
Result
Malware family: n/a
Score: 7/10
Tags: adware discovery link pdf qr spyware upx
Behaviour
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
System Location Discovery: System Language Discovery
Loads dropped DLL
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

rar b9bdb84167be00581ef100106f58391145e2721f272417c54ad6f7a830ec0683

(this sample)

  
Delivery method
Distributed via web download
