MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bb1944c75f8b5e024c3158def1b4374cdc2a9b932533de1ba6440db04306b6ce. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: bb1944c75f8b5e024c3158def1b4374cdc2a9b932533de1ba6440db04306b6ce
SHA3-384 hash: f3ef408d0a73eb8ef1dd15199233f522da21cf4acf11098e9b5ccd59fc8fb7d6b554ed52a672b6c4262e00332378960e
SHA1 hash: 8a818e7da3d74db4c7d4eb50b9f4cddff9956071
MD5 hash: ebdc7f5d198d52b4ee3e1a2995f89a38
humanhash: oven-sierra-crazy-illinois
File name:ebdc7f5d198d52b4ee3e1a2995f89a38.exe
Download: download sample
File size:36'025 bytes
First seen:2020-10-08 05:21:25 UTC
Last seen:2020-10-08 05:48:53 UTC
File type:Executable exe
MIME type:application/x-dosexec
ssdeep 768:j14PCzmFalr3xhyStDuO3KZPuPdClGgyf0LN:vyXeNg60p
TLSH 8FF26D31A8F0C072C49638B6C839A7F05F6D89212775EACBA76619351F706C1A53F29F
Reporter abuse_ch
Tags:exe

Intelligence

File Origin
# of uploads :
2
# of downloads :
101
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/69068/
Result
Verdict:
Malware
Maliciousness:
Result
Threat name:
Unknown
Detection:
suspicious
Classification:
n/a
Score:
21 / 100
Link:
https://www.joesandbox.com/analysis/484922
Signature
a
c
d
e
f
g
h
i
L
M
n
o
p
r
s
t
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/bb1944c75f8b5e024c3158def1b4374cdc2a9b932533de1ba6440db04306b6ce/
Threat name:
Win32.Trojan.Wacatac
Create hunting rule
Status:
Malicious
First seen:
2020-10-08 05:23:05 UTC
AV detection:
15 of 29 (51.72%)
Threat level:
  5/5
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/201008-bxwbbm2stn/
Unpacked files
SH256 hash:
bb1944c75f8b5e024c3158def1b4374cdc2a9b932533de1ba6440db04306b6ce
MD5 hash:
ebdc7f5d198d52b4ee3e1a2995f89a38
SHA1 hash:
8a818e7da3d74db4c7d4eb50b9f4cddff9956071
Link:
https://www.unpac.me/results/0e9735c9-0bae-4be3-82a4-9b5926f045d8/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.30
Link:
https://yomi.yoroi.company/submissions/bb1944c75f8b5e024c3158def1b4374cdc2a9b932533de1ba6440db04306b6ce

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe bb1944c75f8b5e024c3158def1b4374cdc2a9b932533de1ba6440db04306b6ce

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/372395/
  
Delivery method
Distributed via web download
Cape
Cape
https://www.capesandbox.com/analysis/69068/

Comments