MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d6f98f5291cec1f95f72fdd63d0ad49239f9396de4c297b01929bb7cb0024b7e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Adware.Generic

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	d6f98f5291cec1f95f72fdd63d0ad49239f9396de4c297b01929bb7cb0024b7e
SHA3-384 hash:	cf3abab075ef61260b8148df0a735ffb14c349b7286bcc72aca5870fc78ac321477c938530ed68bcf05b9f8ffda696cb
SHA1 hash:	d2e85157c64e949cc7d49d2c3fff518e628130ae
MD5 hash:	641480e043153e3a8a84928e62f1d8bc
humanhash:	muppet-lemon-muppet-kentucky
File name:	Assigned Document.exe
Download:	download sample
Signature	Adware.Generic Create hunting rule
File size:	2'902'878 bytes
First seen:	2020-06-29 13:54:44 UTC
Last seen:	Never
File type:	exe
MIME type:	application/x-dosexec
imphash	7c2c71dfce9a27650634dc8b1ca03bf0 (160 x Loki, 58 x Formbook, 55 x Adware.Generic)
ssdeep	49152:8cEMpWJGxUD0mRi/Fui6B8nySXyFkqkAIrLnyxW1A10wINRDfOTfS:JEMpOgm8/Qsn+yHyxWS1gz
Threatray	715 similar samples on MalwareBazaar
TLSH	8CD533B122A4B483F06935BB25750938A9B29DC361F0F502A7837B607AF38574BCF947
Reporter	James_inthe_box
Tags:	Adware.Generic exe

Intelligence

File Origin

# of uploads :

1

# of downloads :

99

Origin country :

n/a

Vendor Threat Intelligence

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/16342/

Detection(s):

PUA.Win.Downloader.Soft32downloader-6691270-0

SecuriteInfo.com.Artemis162931E90DCF.4593.UNOFFICIAL

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/d6f98f5291cec1f95f72fdd63d0ad49239f9396de4c297b01929bb7cb0024b7e/

Threat name:

Win32.Trojan.Strictor

Status:

Malicious

First seen:

2020-06-29 13:50:31 UTC

File Type:

PE (Exe)

Extracted files:

25

AV detection:

23 of 29 (79.31%)

Threat level:

5/5

Verdict:

malicious

Similar samples:

0e4c5cf2d1d60e4931c7af6021073006379935d688f5f55ad21fb29844d75a5a

0f24e222f76b19a0f1995c70e3711ab2b1c7e3f41c5e915796e767fce361e2e3

3c81bde8d413cadc04efa32c2754918d4a1a9c43a60181e7907cca8d31107826

581ccb74a37077703bcc314447ce7dfeec42832bad81225f1be6c214ca9bf51d

5c63c2887891a56e0465251c8112ce7a07fc70e782dbc2e80f45f670294d4285

5e23eed104a5bd67c8ae3abe1f3554abac8500bf9f916992df36246b06f14419

7ef7ff0660d406b237fd3253738d60a294c0273ca1436cf9ba87d5b2ea8d62d8

9f06ce1718cfa4e73366f82c9488b7a4aad4ddede7d7b3b51d44667607a3961c

c2f42cfcfafad77546d57cbfde6a6f4c1c75d684a81304d1ec901285b1873bd3

cfd29866a9e618985b15c779e0ac0ad8e09a9e997774c0d2fe18f00f8110a24a

+ 705 additional samples on MalwareBazaar

Result

Malware family:

n/a

Score:

5/10

Tags:

persistence

Link:

https://tria.ge/reports/200629-r1z3pfckm2/

Behaviour

Modifies service

Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method

Other

Cape

Cape

https://www.capesandbox.com/analysis/16342/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample