MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 d54dcd4cbe1b1243202ebdd890263174310e10be20d3b43988e2c04dcda07097. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
ModiLoader
Vendor detections: 3
| SHA256 hash: | d54dcd4cbe1b1243202ebdd890263174310e10be20d3b43988e2c04dcda07097 |
|---|---|
| SHA3-384 hash: | c5a3fbacddb3ab948be525fddf4f96b72058c331fe6f485f614c6d3da4fb9e8b05b3c8c2a1641a24653ae8c4e26a2ec1 |
| SHA1 hash: | fda785567ed1c91fc249c49a688c1a16aa9e510a |
| MD5 hash: | cca300f573abbf5695b23acfdab222ad |
| humanhash: | victor-neptune-violet-july |
| File name: | docs090.zip |
| Download: | download sample |
| Signature | ModiLoader |
| File size: | 466'865 bytes |
| First seen: | 2020-10-21 08:55:16 UTC |
| Last seen: | Never |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 12288:sytkrAv3M+yTJLP8eQnnfTMlHGccqZJsa14PD5IxlgJo:btEA4h4nfgmch49CP/ |
| TLSH | F7A423350AF143DE52B11B6FCE461B616B2D75B049FE6A97CA820BDF18C9B4CB70102E |
| Reporter |  abuse_ch |
| Tags: | ModiLoader zip |
abuse_ch
Malspam distributing unidentified malware:From: "Giorgio Rabotti" <g.rabotti@gevac.com>
Subject: Richiesta di preventivo
Attachment: docs090.zip (contains "docs090.exe")
Intelligence
File Origin
# of uploads :
1
# of downloads :
73
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Threat name:
Win32.Trojan.Remcos
Status:
Malicious
First seen:
2020-10-21 07:00:06 UTC
AV detection:
22 of 29 (75.86%)
Threat level:
5/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.