MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cb198828cff80a460fdd25ca9ce1fea6c346a2ee01a17170ed7aabf7fdead48b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: cb198828cff80a460fdd25ca9ce1fea6c346a2ee01a17170ed7aabf7fdead48b
SHA3-384 hash: c14ce5e9c3822ccd02bfe91d28d27b4684eb37709fe0b8848524c5cb2abb30e65553dadd473c50168a5a0805d1530ca4
SHA1 hash: 2b599f85b3cd71256c0beb0d86a5451cf58a66b7
MD5 hash: a8c21ed35e819cafa77bd4e2887aab2e
humanhash: arkansas-blue-item-march
File name: a8c21ed35e819cafa77bd4e2887aab2e
File size: 212'992 bytes
First seen: 2020-11-17 15:44:45 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash 03ae0108c7455c49c94d2d60afa1e57a (1 x Worm.Ramnit)
ssdeep 6144:3zqsvPi5k7ZXGTeXS8JPW6B+aBVnpkEj1:3zqsvPTWTGJlka5kC
Threatray 187 similar samples on MalwareBazaar
TLSH 91248D1536EAC4D1E06B9F3449DEC25EE9B3BC33DB62562B288C33DE18711A89D41F61
Reporter seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 55
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Sending a UDP request
Creating a window
Creating a file in the Windows directory
Running batch commands
Creating a process with a hidden window
Launching the default Windows debugger (dwwin.exe)
Creating a process from a recently created file
Creating a file in the Windows subdirectories
Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name: Win32.Trojan.Aenjaris
Status: Malicious
First seen: 2020-11-08 07:29:00 UTC
AV detection: 26 of 28 (92.86%)
Threat level: 5/5
Unpacked files
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other
