MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cb3ccebc84bf047a11cc16e738f0822a2b62c6b840e1bba795bfcb65b7e990d2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 6



SHA256 hash: cb3ccebc84bf047a11cc16e738f0822a2b62c6b840e1bba795bfcb65b7e990d2
SHA3-384 hash: ac7b08d4e091944d75553c5e19fb42d261a732a80f586e9b2e3ff0e9b4002f463ee7b878d381b3670b377ad5d501a3b2
SHA1 hash: 42d5e84402239349475a3cdf8a99fdaf0ad1cb6a
MD5 hash: e8a4d6238abe50568395003edf752131
humanhash: saturn-four-mike-neptune
File name: SecuriteInfo.com.Trojan.Win32.Ymacco.7532.2007
File size: 16'420 bytes
First seen: 2025-12-28 10:26:35 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
ssdeep: 384:ZtkdWYBk0hOk0RJMJrwQiUnMNDK7oTlxSj28zRPWM:cdm0jKJM6UnEK7oT6C7M
TLSH: T1CD72F8B5F685D272FD5802F5093A67BBBA39D635975094C3C7326CF088027F896B988C
TrID:
  42.7% (.EXE) Win32 Executable (generic) (4504/4/1)
  19.2% (.EXE) OS/2 Executable (generic) (2029/13)
  19.0% (.EXE) Generic Win/DOS Executable (2002/3)
  18.9% (.EXE) DOS Executable Generic (2000/1)
Magika: pebin
Reporter: SecuriteInfoCom
Tags: exe

Intelligence


File Origin
# of uploads: 1
# of downloads: 121
Origin country: FR
Vendor Threat Intelligence

No detections

Verdict: Malicious
Score: 91.7%
Tags: injection corrupt obfusc

Verdict: Unknown
Threat level: 2.5/10
Confidence: 100%
Tags: microsoft_visual_cc overlay packed zero

Verdict: Malicious
File Type: exe x32
First seen: 2025-12-28T05:07:00Z UTC
Last seen: 2025-12-30T03:30:00Z UTC
Hits: ~10

Verdict: inconclusive
YARA: 4 match(es)
Tags: Executable PE (Portable Executable) PE Memory-Mapped (Dump)

Result
Malware family: n/a
Score: 3/10
Tags: n/a

Unpacked files
SHA256 hash: cb3ccebc84bf047a11cc16e738f0822a2b62c6b840e1bba795bfcb65b7e990d2
MD5 hash: e8a4d6238abe50568395003edf752131
SHA1 hash: 42d5e84402239349475a3cdf8a99fdaf0ad1cb6a

Please note that we are no longer able to provide a coverage score for Virus Total.

YARA Signatures


MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.

Rule name: pe_no_import_table
Description: Detect pe file that no import table

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Executable exe cb3ccebc84bf047a11cc16e738f0822a2b62c6b840e1bba795bfcb65b7e990d2 (this sample)

Delivery method: Distributed via web download
