MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d36991c658e243e151c3969540a68c47763e73cf1fe8de00fc42c8477b96bc9f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments

SHA256 hash: d36991c658e243e151c3969540a68c47763e73cf1fe8de00fc42c8477b96bc9f
SHA3-384 hash: 908c67f7b0ff518959e27d1fc8223f1f5e8edad816e15a3cad57fd5f7a602797653aea897228d192921d266f4971802b
SHA1 hash: 6316d1948980616b4e897b2ba981e5c2af3ff55d
MD5 hash: 20e14156388cfdce5c93e706e31285cd
humanhash: william-romeo-texas-zulu
File name:mary4
Download: download sample
Signature n/a
File size:286'040 bytes
First seen:2022-08-05 07:01:32 UTC
Last seen:Never
File type:unknown
MIME type:text/plain
ssdeep 3072:7C3QDo0wxErujytK1TqWwYu0gitoFBJUy526PePhcBf2+nO6F37mQTEJQT+Y:e3TISjy2TU0g1PgSKof2+nO6FL1BT+Y
TLSH T1AD543C3223437C8E77BB1F88B8013DA04CEB38D763E29439B6C4875691ABA54DD19D79
Reporter @JAMESWT_MHT
Tags:208-67-105-125

Intelligence


File Origin
# of uploads :
1
# of downloads :
144
Origin country :
IT IT
Mail intelligence
No data
Vendor Threat Intelligence
Verdict:
No Threat
Threat level:
  2/10
Confidence:
100%
Tags:
hacktool obfuscated
Result
Verdict:
MALICIOUS
Threat name:
ByteCode-MSIL.Infostealer.DarkStealer
Status:
Malicious
First seen:
2022-08-05 07:02:09 UTC
File Type:
Text (PowerShell)
AV detection:
11 of 26 (42.31%)
Threat level:
  5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments