MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d279ddb6b2a566bc24e789b5181663491b8c2818cb91e28aae5721dcb0bf30b6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: d279ddb6b2a566bc24e789b5181663491b8c2818cb91e28aae5721dcb0bf30b6
SHA3-384 hash: a9d4af33638065d00339e2823782364711e87424613943e7177aa28429c5cfe90b8f9cb506378e6e696eae1d12e78dc4
SHA1 hash: 2d9b653fbeacf6fb31ab6ada3e2b1557c597b7be
MD5 hash: bdf3e5409d32652de21352d194c219ee
humanhash: august-tennessee-muppet-mississippi
File name: muka.bin
Signature: n/a
File size: 251'904 bytes
First seen: 2020-07-31 13:23:08 UTC
Last seen: 2020-07-31 13:57:27 UTC
File type: dll
MIME type: application/x-dosexec
imphash: cfdc0e1753a0feafbcb1fdda97b7ea9f
ssdeep: 3072:GJEMyMfVmbftTtGOZFl2Lfda2DJ3/ray8SA3uAg0FujebI5JhgCL6cL:hfMfVmbFTtGQF0L9xOiAOSgLgu
TLSH: 0F34C31366EDBCE6C07E1734377B93D5C72EED1095A1C82E66C0029A997C143BE22BE5
Reporter: @JAMESWT_MHT

Intelligence


File Origin
# of uploads: 2
# of downloads: 36
Origin country: IT
Mail intelligence
No data
Vendor Threat Intelligence
Result
Threat name: Unknown
Detection: clean
Classification: n/a
Score: 7 / 100
Behaviour
Behavior Graph: n/a

Threat name: Win32.Trojan.Bluteal
Status: Malicious
First seen: 2020-07-31 13:25:05 UTC
AV detection: 31 of 48 (64.58%)
Threat level: 5/5

Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious use of WriteProcessMemory

Threat name: DriveBy Activity
Score: 0.90

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments