MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b9c99eda8140926d3467adcba05115371abe4400222e21ef848143a62e465282. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Jadtre


Vendor detections: 5



SHA256 hash: b9c99eda8140926d3467adcba05115371abe4400222e21ef848143a62e465282
SHA3-384 hash: 084ca4789019b28ee05b831981c983ab389c05fa15e93dd7642001809dc85c6c20d39c5d05be4e94b816c9bd0378a5d5
SHA1 hash: 5e9fa2a6c372a80eb20fb23f9b481bef963df670
MD5 hash: e80bde3a6115ea6e714683b80b1f5325
humanhash: artist-undress-carpet-hamper
File name: b22fdc6fb049c5e4accdba4f644a1d68
Signature: Jadtre
File size: 27'136 bytes
First seen: 2020-11-17 14:37:57 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 87bed5a7cba00c7e1f4015f1bdae2183 (3'034 x Jadtre, 23 x IcedID, 17 x Blackmoon)
ssdeep: 768:Id5u7mNGtyVfjRQGPL4vzZq2oZ7Gtx3yor:Id5z/fyGCq2w7n
Threatray: 1'310 similar samples on MalwareBazaar
TLSH: 2FC2D072CE8080FFC0CB3472208512CBDB575A72556A78A7A710981E7CBCDD0DA7A753
Reporter: seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 58
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware

Behaviour
Creating a file in the %temp% directory
Creating a process from a recently created file
Creating a window
Changing an executable file
DNS request
Connection attempt
Sending an HTTP POST request
Modifying an executable file
Creating a file
Running batch commands
Creating a process with a hidden window
Connection attempt to an infection source
Infecting executable files
Threat name: Win32.Virus.Jadtre
Status: Malicious
First seen: 2020-11-17 14:38:38 UTC
AV detection: 46 of 48 (95.83%)
Threat level: 5/5
Unpacked files
Detections: win_unidentified_045_g0 win_unidentified_045_auto
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other
