MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ccd64d0add52c5b308c05bd9e82a9554820462195bbd6aed1be1aa3003d9b623. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ccd64d0add52c5b308c05bd9e82a9554820462195bbd6aed1be1aa3003d9b623
SHA3-384 hash: 42648a95e94ef412cde8fc89c8858b81d45c65102d83868bd4c32c5c2884ae3abde701892dc73d618d4a5caf5575331e
SHA1 hash: c6ee896c2026eaf9224ad0a014fa9480eccc317d
MD5 hash: a1d743c599c2b4201509ef6219f72cd4
humanhash: one-floor-nineteen-dakota
File name:DACHSER CONSULTA DECLIENTE SALIENTE NO. 000150849.R00
Download: download sample
File size:8'580 bytes
First seen:2020-08-05 11:35:58 UTC
Last seen:Never
File type: r00
MIME type:application/x-rar
ssdeep 192:nw64Xo4zZ/CQKO5LGByp/TVupJqy0j3HJU7Kep:T54l+8p/TVupQy0LHJk
TLSH 4602BFC85FA50C423E4BD5BB1461CF560D2D3A1BA7BA6F74724520D51B84553FE3C550
Reporter abuse_ch
Tags:ESP geo r00


Avatar
abuse_ch
Malspam distributing unidentified malware:

From: sonia.aparicio@es.dachser.com
Subject: Dachser: Consulta de cliente saliente no. 000150849
Attachment: DACHSER CONSULTA DE CLIENTE SALIENTE NO. 000150849.R00 (contains "Dachser Consulta de cliente saliente no. 000150849 - SKBMT03082020-0012-IMG0149.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
53
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ccd64d0add52c5b308c05bd9e82a9554820462195bbd6aed1be1aa3003d9b623/
Threat name:
Win32.Trojan.Wacatac
Create hunting rule
Status:
Malicious
First seen:
2020-08-05 09:03:54 UTC
AV detection:
6 of 48 (12.50%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ztle2cw5klc3gcgalpm6qkuvksbaiyqzlo6wv3i34gvdaa6zwyrq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/ccd64d0add52c5b308c05bd9e82a9554820462195bbd6aed1be1aa3003d9b623

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

r00 ccd64d0add52c5b308c05bd9e82a9554820462195bbd6aed1be1aa3003d9b623

(this sample)

Executable exe af7abf4770db042bf4efafdb4272fa96aab841951b99d54954dc7c95d619f4e0

  
Dropping
MD5 2d94fb303b92ea5cbec13e9e65dce690
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 af7abf4770db042bf4efafdb4272fa96aab841951b99d54954dc7c95d619f4e0

Comments