MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cf5622a3fca50494f4b26f78ddc3d71a4f4eb0eefebf8333046c7559927c97c6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: cf5622a3fca50494f4b26f78ddc3d71a4f4eb0eefebf8333046c7559927c97c6
SHA3-384 hash: d1f546d27da9601517fcc2acf95b88c844d40e261931108db7af48a797d9e133b87e9b601382492b8ed5e4f9b2b92acf
SHA1 hash: 7f7851974c539b745e708f3f051bc5193e51d292
MD5 hash: 1ce7b6204a96723233f1016532a4d71b
humanhash: speaker-mango-pennsylvania-xray
File name:P.O. 27000446.r15
Download: download sample
File size:1'108'080 bytes
First seen:2020-12-03 17:45:10 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 24576:zvq8dM/g4xfCzMdaGkn+lyvhwjvA8yGFk9nWvOozK0asa0vh516f89y:G2M/g44zMdaz+U4vA8eWv/KoB1py
TLSH 1B3533DF614EB307CC91357F66D5DA5346709CC683C8CA9A8B963212AEDF878EF41122
Reporter abuse_ch
Tags:r15


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: webmail.cyber.net.pk
Sending IP: 203.101.175.37
From: Glenda Pigato <sstc786@cyber.net.pk>
Subject: AW: REQUEST FOR PRICES - PO:No. 90058319
Attachment: P.O. 27000446.r15 (contains "P.O. # 27000446.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
146
Origin country :
n/a
Vendor Threat Intelligence
Result
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/cf5622a3fca50494f4b26f78ddc3d71a4f4eb0eefebf8333046c7559927c97c6/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=z5lcfi74uucjj5fsn54n3q6xdjhu5mho727ygmyenr2vtet4s7da._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/cf5622a3fca50494f4b26f78ddc3d71a4f4eb0eefebf8333046c7559927c97c6

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

rar cf5622a3fca50494f4b26f78ddc3d71a4f4eb0eefebf8333046c7559927c97c6

(this sample)

Executable exe e269a0a80ef9a959478dda3ba3cf46af09b86e01cf8f9fefdf2a997e793aa1b0

  
Dropping
MD5 b6e0c14c4aed41ad911b56655d40c72b
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 e269a0a80ef9a959478dda3ba3cf46af09b86e01cf8f9fefdf2a997e793aa1b0

Comments