MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c7f40608ce8a3dda25c13d117790d08ef757b07b8c2ccb645a27a71adc322fb2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

IcedID

Vendor detections: 7



SHA256 hash: c7f40608ce8a3dda25c13d117790d08ef757b07b8c2ccb645a27a71adc322fb2
SHA3-384 hash: 6f17405988f0bb509f6ae0666ad374078f1ee528d34b2b491989d551aae1f0957bae4bbb64b64487835d09ac41b391b6
SHA1 hash: e6b4c81676d3ef0d2f7d08a6cc2ad90eb54908c3
MD5 hash: 55d9eab53d4063a53b6ed05f7b1e75e7
humanhash: north-kilo-indigo-princess
File name: youTube.hta
Signature: IcedID
File size: 3'342 bytes
First seen: 2021-12-02 03:18:08 UTC
Last seen: Never
File type: HTML Application (hta)
MIME type: text/html
ssdeep: 96:iOVvcNLnp15eL/XaxaFD1OIWCOrWETgAgQg+jgMo0Y01MDdq:iOVqb5Sa05OIWCSWETgAgQgKgu1o8
TLSH: T14C61958DD800F7E61C4520E23E2E9D1E886C775301DDD46495EAA81A6EB8C943ECB7B7
Reporter: @malware_traffic
Tags: BokBot hta IcedID Shathak TA551

Intelligence


File Origin
# of uploads: 1
# of downloads: 307
Origin country: US

Mail intelligence
No data

Vendor Threat Intelligence

Result
Verdict: Malicious
File Type: HTA File - Malicious
Alert level: 8%
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: regsvr32

Result
Verdict: MALICIOUS
Threat name: Script-JS.Trojan.Tnega
Status: Malicious
First seen: 2021-12-02 03:19:07 UTC
File Type: Text (HTML)
Extracted files: 4
AV detection: 17 of 45 (37.78%)
Threat level: 5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments