MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bc21f48e11d231619118d5da2ce1d12e280df3d17bcc941c61573268d8767140. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: bc21f48e11d231619118d5da2ce1d12e280df3d17bcc941c61573268d8767140
SHA3-384 hash: 360d15a54277aef93eb830de1bbc02128d3e497e1ae7053aa174be2133bdcea181f20fb974c4c893fa9e74469fc0987b
SHA1 hash: 9ab22dcd6b932673908e92baf53a37512f3ac1b7
MD5 hash: db8dd521e60c3e292ac55cf66a3567f9
humanhash: lactose-purple-east-whiskey
File name:nuevkadll
Download: download sample
File size:14'336 bytes
First seen:2023-07-08 10:46:06 UTC
Last seen:Never
File type:unknown
MIME type:text/plain
ssdeep 192:In+E8JtpKMcK+H2OVtG2qsXFQlcaAWMs67Z69cntrDEGrx7wnme6Qw9:6MtUWSG2qsXFccFWMs67CQ7wmeve
TLSH T18F521B361A17FDF46BBF2C81F4043A821C89793B876856ADFBC921E51DE9510DF2A824
Reporter JAMESWT_WT
Tags:91-213-50-74

Intelligence

File Origin
# of uploads :
1
# of downloads :
61
Origin country :
IT IT
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Generic-EXE.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.PUA.Base64EXE-2.UNOFFICIAL
Create hunting rule

Verdict:
Suspicious
Threat level:
  5/10
Confidence:
100%
Tags:
obfuscated
Link:
https://www.filescan.io/uploads/64a93ea6dbb9e835463f0afb/reports/dbaf31b0-cc7f-4c29-a596-cee875c35205/overview
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/bc21f48e11d231619118d5da2ce1d12e280df3d17bcc941c61573268d8767140
Result
Verdict:
MALICIOUS
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/bc21f48e11d231619118d5da2ce1d12e280df3d17bcc941c61573268d8767140/
Threat name:
ByteCode-MSIL.Trojan.Tedy
Create hunting rule
Status:
Malicious
First seen:
2023-01-12 01:11:43 UTC
File Type:
Text
AV detection:
9 of 38 (23.68%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=xqq7jdqr2iywdeiy2xnczyorfyua346rppgjihdbk4zgrwdwofaa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/bc21f48e11d231619118d5da2ce1d12e280df3d17bcc941c61573268d8767140

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

unknown bc21f48e11d231619118d5da2ce1d12e280df3d17bcc941c61573268d8767140

(this sample)

AndeLoader

DLL dll 83af4121927b0e4f586c0e69a350678894324fa2cc2b8f8cd0adca2d0f4c485c

  
URLhaus
https://urlhaus.abuse.ch/url/2678673/
  
Delivery method
Distributed via web download
  
Dropping
SHA256 83af4121927b0e4f586c0e69a350678894324fa2cc2b8f8cd0adca2d0f4c485c
  
Dropping
MD5 55aebc396de35dbcdca6d31947adf04f

Comments