MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 bf4a2ecb6b10947bab6eac217c1f8882b9f85c67d296ed419f4a39c6951ad013. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Threat unknown
Vendor detections: 5
| SHA256 hash: | bf4a2ecb6b10947bab6eac217c1f8882b9f85c67d296ed419f4a39c6951ad013 |
|---|---|
| SHA3-384 hash: | 2ceeb3a248e5e4944f256a01481e87f3cc9f9ab51570d8b250ea98d774cf3ef3477e78a63acd4aa5f31796e115e85db1 |
| SHA1 hash: | 2849cd084b9d424fe7c017785ca3aed1e55b76d4 |
| MD5 hash: | 782cee7e86cb464d939c0d9e6c5c7a24 |
| humanhash: | mars-carolina-montana-iowa |
| File name: | Haridsen Trading & Ind Service - Items List and Spec.z |
| File size: | 6'620 bytes |
| First seen: | 2022-10-21 07:41:14 UTC |
| Last seen: | Never |
| File type: | z |
| MIME type: | application/x-rar |
| ssdeep | 96:TIRIU1aVrmHiYb6vDOId/G2huGdRG+q/8nLGC+VII5ldO3oxg2LAILXWdy2n:TTU17HEvSp2IGQP0GHzld9xgGAc/2n |
| TLSH | T109D17DC3D2E98865051F45D25C33EC968AC123216735329A427EC36D7F86DDE3988BA6 |
| TrID | 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1) 38.4% (.RAR) RAR compressed archive (gen) (5000/1) |
| Reporter | cocaman |
| Tags: | z |
Malicious email (T1566.001)
From: ""Nguyen Chung" <info@vitadairy.vn>" (likely spoofed)
Received: "from [37.139.128.203] (unknown [37.139.128.203]) "
Date: "21 Oct 2022 07:06:12 +0200"
Subject: "Quote Request"
Attachment: "Haridsen Trading & Ind Service - Items List and Spec.z"
Intelligence
File Origin
# of uploads: 1
# of downloads: 146
Origin country: n/a
File Archive Information
This file archive contains 11 file(s), sorted by their relevance:
| File name | File size | SHA256 hash | MD5 hash | MIME type |
|---|---|---|---|---|
| version.txt | 1'566 bytes | 6866991420f6b5f6701694261c198bc0bb1e62a37d52f406d1ebb931ba727e23 | 061eb31c0a59787937143ee2c003a19d | application/octet-stream |
| 32512 | 132 bytes | 7a210611d547ddf229d00c3e917b21927db813cb88edc5cc3340e6b9e2798739 | d2e366c1041a910a722e3260ff753d1d | application/octet-stream |
| 9.ico | 1'150 bytes | 5df5394dbbab8ecd71b1d040f7f70342446b8ae54e78276a307d5a5ad76841ca | 232decad67626694dcc1540efae59407 | image/vnd.microsoft.icon |
| 2.ico | 67'646 bytes | cce43dc0a5f62864e4c8528a8d22989e669e583b4cbbe67723a80a0f7111bbf2 | 272be4372f6e79cca55fc33f7206ab06 | image/vnd.microsoft.icon |
| 6.ico | 9'662 bytes | c9f4400848128306a5e3640afe2fe1282fd2b324a3bc67eb072d04fe9a1ef244 | 1e895d54a0a32788a10fa86748af0caf | image/vnd.microsoft.icon |
| 3.ico | 38'078 bytes | 8869c9c9320651b1f1078b794516ed62e5f6d7e096d0506af9b12e42ce81867c | 4002631b38d85fb75a23835410eb62e7 | image/vnd.microsoft.icon |
| 5.ico | 16'958 bytes | 7ec54c5ea0f66bb5ca115829533f95961da2f37178bd61f9c836bc0c5a308c18 | 1ef4d07592e5bfbb2fac5b5c5d16a2ab | image/vnd.microsoft.icon |
| 8.ico | 2'462 bytes | fdaef2178f67b91fba8533ad57dc2231477b28526df1638ee576a9adbcd8d485 | 531afb54217ebffa4ab0d6f762ef1616 | image/vnd.microsoft.icon |
| 1 | 490 bytes | 539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a | b7db84991f23a680df8e95af8946f9c9 | text/xml |
| 4.ico | 21'662 bytes | b91444c7ef671f01c0be6b7c22ce6d5ddb2ef63d040af1ae97395aac0b11bf48 | 20c4f01bf89cf4e64baa0cb9474b74d8 | image/vnd.microsoft.icon |
| 7.ico | 4'286 bytes | 225e1e05a2df10565c87499922ffd681108c9928681b24501483efb5639290e5 | 61f32de89c74fbd155285228465e8d5b | image/vnd.microsoft.icon |
Vendor Threat Intelligence
Verdict: Suspicious
Threat level: 5/10
Confidence: 100%
Result
Verdict: UNKNOWN
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name: ByteCode-MSIL.Trojan.Scarsi
Status: Malicious
First seen: 2022-10-21 17:29:11 UTC
File Type: Binary (Archive)
Extracted files: 19
AV detection: 15 of 42 (35.71%)
Threat level: 5/5
Detection(s): Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name: Malicious File
Score: 0.92
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
z bf4a2ecb6b10947bab6eac217c1f8882b9f85c67d296ed419f4a39c6951ad013 (this sample)
Delivery method: Distributed via e-mail attachment