MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cc2dd9adc47a58cd58d8c02beedcf5e9e2f9d14ab25a711e98e2015f8ec2039c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 3 Yara Comments

SHA256 hash: cc2dd9adc47a58cd58d8c02beedcf5e9e2f9d14ab25a711e98e2015f8ec2039c
SHA3-384 hash: 05bf6518c07d4b48f3823dc87f0a21d96c6a7aca6f1ee4696a92f6940b1fd486c525fae96b2defc81ba21d0f0cc1b86a
SHA1 hash: f8fd3cf575eac6d476b603de72c45879462c2250
MD5 hash: 339b0ebe20c8f89eed3dd290849ed749
humanhash: sad-finch-april-winter
Download: download sample
Signature n/a
File size:1'202'938 bytes
First seen:2020-06-30 12:26:47 UTC
Last seen:Never
File type: gz
MIME type:application/x-rar
ssdeep 24576:jIVz5av51+5Btykjbv9qlF7PSfUkus/Kpwf4wBcr0wT4RcKDg1a+R:2zSs7BjUH7P4RuLQ4Rr3T4/g1HR
TLSH A34533DBB8FB6B0406D54C7507C2296C30C552A31EEA3B0A22AE106475F767AFA58DD3
Reporter @jarumlus


Mail intelligence
Trap location Impact
DE Germany Low
CH Switzerland Low
Global Medium
# of uploads 1
# of downloads 28
Origin country US US
ClamAV No detection
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Injector
First seen:2020-06-30 12:28:06 UTC
AV detection:21 of 48 (43.75%)
Threat level:   2/5
Spamhaus Hash Blocklist :Suspicious file
VirusTotal:Virustotal results 24.59%

File information

The table below shows additional information about this malware sample such as delivery method and external references.


gz cc2dd9adc47a58cd58d8c02beedcf5e9e2f9d14ab25a711e98e2015f8ec2039c

(this sample)

Delivery method
Distributed via e-mail attachment