MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bcd72ed7eaa6f32678274f099ec215089ec4c3bd7dcf8739662ab83216741515. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 4 Yara Comments

SHA256 hash: bcd72ed7eaa6f32678274f099ec215089ec4c3bd7dcf8739662ab83216741515
SHA1 hash: a3ff88dbc6acbd551cfcc53ed2f7516f59dab66d
MD5 hash: b46d6141b9de26d4ca502fde75248389
File name:Missing
Download: download sample
Signature n/a
File size:39'038 bytes
First seen:2020-05-23 07:26:25 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 768:6/U64ffeGQCYctWVpE4B5FY9PhWk3AmG5R/0Mab5mODjz0wQhKBv5cJR/dd5x:u7Of2ItQE4VkPhWk45R/0cOvz0wQhK2r
TLSH 4103F14CF4FC072CAB50695720DDC3669FA64071C6FE93B05638B04BB0D96E6A6B35E2
Reporter @abuse_ch
Tags:NjRAT RAT zip

Malspam distributing njrat:

Sending IP:
From: Una Tormey <>
Subject: Invoice 56493 from O.K. finboroughschool
Attachment: Missing (contains "Missing Invoices.jar")

Unknown RAT C2:


Mail intelligence
Trap location Impact
Global Low
# of uploads 1
# of downloads 21
Origin country US US
VirusTotal:Virustotal results 32.76%
ReversingLabs :No data

File information

The table below shows additional information about this malware sample such as delivery method and external references.


zip bcd72ed7eaa6f32678274f099ec215089ec4c3bd7dcf8739662ab83216741515

(this sample)

Delivery method
Distributed via e-mail attachment