MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cc2c9b6a03c60515e48c738fdc2f6f8bb1c3a09a8997168f01d813f48a57925a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 5 Yara Comments 1

SHA256 hash: cc2c9b6a03c60515e48c738fdc2f6f8bb1c3a09a8997168f01d813f48a57925a
SHA3-384 hash: e850ed650c8839d5d2453bd1dd9aac2900ee0b66b783179b7b58fa65c3253afc6f4e1961589d2aac3b856a615b9e4027
SHA1 hash: b65b553b4e8427a52666f0d70f73b032fa58c3d3
MD5 hash: 1325429459053bd643c4f98753ee19d7
humanhash: shade-march-south-comet
File name:COVID-19 TIPS.gz
Download: download sample
Signature n/a
File size:698'575 bytes
First seen:2020-03-18 15:01:40 UTC
Last seen:Never
File type: gz
MIME type:application/x-rar
ssdeep 12288:AFLscrKdB/GO+c/yR+VD0Q3RGySgpQB9PIaCZ7k6KvFiACV8A:avrwJ+cfV0Q3RGy5wdIaJ6vtb
TLSH EAE4333D8D0EDB41636622B3808CE9EB7E173FBDB46F35365428D65D03A8E52209279C
Reporter @cocaman
Tags:COVID-19 gz


Mail intelligence
Trap location Impact
IT Italy Low
CH Switzerland Low
Global High
NL Netherlands Low
# of uploads 1
# of downloads 44
Origin country US US
ClamAV No detection
CERT.PL MWDB Gathering data
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Injector
First seen:2020-03-19 03:56:14 UTC
AV detection:19 of 31 (61.29%)
Threat level:   2/5
Spamhaus Hash Blocklist :Suspicious file
VirusTotal:Virustotal results 20.00%

File information

The table below shows additional information about this malware sample such as delivery method and external references.


gz cc2c9b6a03c60515e48c738fdc2f6f8bb1c3a09a8997168f01d813f48a57925a

(this sample)


Corsin Camichel commented on 2020-03-18 15:02:50 UTC

Subject: 'SAFETY COVID-19 (Coronavirus Virus) AWARENESS - Safety Measures'; WHO and Coronavirus themed lure