MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cd9bc71c5ff7f2bc1d922a8e0c990c4cf70f5bbb917343fb47b16b149a60d094. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 1 Yara Comments

SHA256 hash: cd9bc71c5ff7f2bc1d922a8e0c990c4cf70f5bbb917343fb47b16b149a60d094
SHA3-384 hash: cbe187674991dfb787b298a911d7876d8768a1bd2f8865d1702eb51b68b87da0c3886df1052f0d829ec97a18f495faa6
SHA1 hash: 2c1fcc1ca2dd38989c5c75a16708aa0ee193d93f
MD5 hash: e4e981dd18388d81587a2d3dac6565c7
humanhash: johnny-zebra-fanta-earth
Download: download sample
Signature n/a
File size:850'435 bytes
First seen:2020-06-30 09:52:42 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 12288:ni0HV+1xxsVtINrncAZ7qX73z7iP/iN0ID6G4eN+htx5G2xqfyms2ZXfLIf:ndV+1xkmrncAZt/iAGlExEiOsmi
TLSH 0D053301B012A7AFB3757BB41EBE01B1B3364299812B53DDB7EDE68213052B541DCB9E
Reporter @jarumlus


Mail intelligence
Trap location Impact
CH Switzerland Low
Global Low
# of uploads 1
# of downloads 26
Origin country US US
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Document-Word.Trojan.Powdow
First seen:2020-06-29 12:45:03 UTC
AV detection:19 of 48 (39.58%)
Threat level:   2/5
Spamhaus Hash Blocklist :Suspicious file
VirusTotal:Virustotal results 30.65%

File information

The table below shows additional information about this malware sample such as delivery method and external references.


zip cd9bc71c5ff7f2bc1d922a8e0c990c4cf70f5bbb917343fb47b16b149a60d094

(this sample)

Delivery method
Distributed via e-mail attachment