MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d7a593693a9f6156bb6b9d32b5e1c2f4059843be8571eb737dd0541b9fc7d28d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	d7a593693a9f6156bb6b9d32b5e1c2f4059843be8571eb737dd0541b9fc7d28d
SHA3-384 hash:	82839d973dc6129097d85e39813bbc1e212c345392c3d2b39187c64d4e996481e7633a7ad8fdc61505c4213755059d1f
SHA1 hash:	ed7964e5041a5f1c10ee0fee0186ab520b172718
MD5 hash:	1ebbf045b3b0ddb1c1e0be352a6491d2
humanhash:	bravo-butter-aspen-uncle
File name:	fud.vbs
Download:	download sample
File size:	1'451 bytes
First seen:	2023-09-16 11:29:25 UTC
Last seen:	Never
File type:	vbs
MIME type:	text/plain
ssdeep	24:KqaAwAilRfX+Ir45wkQ1kLMBRH/zSXLtGL35Mt45FLZYvgGdGDEoG2XGV19I/Fep:QrlRfHE5wkQ1kKH/wkVMsF1YLoHc19I4
TLSH	T124319DE99493DA4509F747E242048895CF5681AB253A941F7B8CEC883F343E98AF19D0
Reporter	r3dbU7z
Tags:	dropper vbs webdav

Intelligence

File Origin

# of uploads :

# of downloads :

118

Origin country :

Vendor Threat Intelligence

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/449022/

Detection(s):

SecuriteInfo.com.Script.SNH-gen.10747.25239.UNOFFICIAL

Verdict:

Suspicious

Threat level:

5/10

Confidence:

20%

Link:

https://www.filescan.io/uploads/650591bbf1b40cb0d61ce785/reports/4d9c0040-6660-4eed-85b2-2fa172b24942/overview

Verdict:

Malicious

Labled as:

VBS/TrojanDownloader.Agent

Link:

https://www.hybrid-analysis.com/sample/d7a593693a9f6156bb6b9d32b5e1c2f4059843be8571eb737dd0541b9fc7d28d

Result

Verdict:

MALICIOUS

Result

Threat name:

n/a

Detection:

suspicious

Classification:

n/a

Score:

21 / 100

Link:

https://www.joesandbox.com/analysis/1309425

Signature

Windows Scripting host queries suspicious COM object (likely to drop second stage)

Behaviour

Behavior Graph:

Download SVG

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/d7a593693a9f6156bb6b9d32b5e1c2f4059843be8571eb737dd0541b9fc7d28d/

Threat name:

Win32.Dropper.Generic

Status:

Suspicious

First seen:

2023-09-16 11:30:05 UTC

File Type:

Text (VBS)

AV detection:

1 of 22 (4.55%)

Threat level:

3/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=26szg2j2t5qvno3ltuzllyoc6qczqq56qvy6w4352bkbxh6h2kgq._file

Verdict:

unknown

Result

Malware family:

n/a

Score:

3/10

Tags:

n/a

Link:

https://tria.ge/reports/230916-nl5gfsch72/

Behaviour

Enumerates physical storage devices

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.05

Link:

https://yomi.yoroi.company/submissions/d7a593693a9f6156bb6b9d32b5e1c2f4059843be8571eb737dd0541b9fc7d28d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

vbs d7a593693a9f6156bb6b9d32b5e1c2f4059843be8571eb737dd0541b9fc7d28d

(this sample)

Delivery method

Distributed via web download

Cape

https://www.capesandbox.com/analysis/449022/

URLhaus

https://urlhaus.abuse.ch/url/2712026/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample