MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 d5179c49d25c407a327094e7eb23684b88582506ae9bc0602bcaae06f35708ef. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Adware.Generic
Vendor detections: 4
| SHA256 hash: | d5179c49d25c407a327094e7eb23684b88582506ae9bc0602bcaae06f35708ef |
|---|---|
| SHA3-384 hash: | 4341db14bac1f1c0e7b5790e80a6a7afbfca38b93d55833a4297ded52e082a3ff3c6aa41377b31d8fe269dcd56ca2388 |
| SHA1 hash: | ad0b3cdeffca971fe7e8c18f7a4f5a4b2b551b67 |
| MD5 hash: | 64112232ea04a55f89d0dfe43388f920 |
| humanhash: | oklahoma-ten-iowa-artist |
| File name: | Purchase Order# CITMCH_EM.zip |
| Download: | download sample |
| Signature | Adware.Generic |
| File size: | 331'855 bytes |
| First seen: | 2020-12-01 09:39:32 UTC |
| Last seen: | 2020-12-10 08:11:34 UTC |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 6144:Vc7eyfw4yaEUTkqGyzd3GOgfz1GFpxo4MQAsca3EUYTags+6awlqqXL:I44ya1TkqGyz8OczceTQADa3EGg36auT |
| TLSH | FD64233A71472FE4B59A0C4D16EBB4A0FE10CFAEF5C9F04626BA1DD50EB501A6486CCD |
| Reporter |  GovCERT_CH |
Intelligence
File Origin
# of uploads :
29
# of downloads :
118
Origin country :
n/a
Vendor Threat Intelligence
Result
Gathering data
Threat name:
Win32.Trojan.Wacatac
Status:
Malicious
First seen:
2020-12-01 09:40:06 UTC
AV detection:
24 of 48 (50.00%)
Threat level:
5/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Formbook
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.