MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d869fccdb3807528fb62cabc388d4ad9da641fc3354c4432ce2a93ce99e43d3c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



BazaLoader


Vendor detections: 3



SHA256 hash: d869fccdb3807528fb62cabc388d4ad9da641fc3354c4432ce2a93ce99e43d3c
SHA3-384 hash: bc6ab78c078312bd9e93ea9705c955c52b14275bca114da5c91d38fdbd1b28ce34d45419659ec061381a30e7752ec1f9
SHA1 hash: e61258fb5fc9ce9b814b276298885fee5e16083d
MD5 hash: 29218d420ce0c0f84c301c035801f6ff
humanhash: video-sixteen-july-sierra
File name: currCurrPl.hta
Signature: BazaLoader
File size: 2'616 bytes
First seen: 2021-09-13 15:58:31 UTC
Last seen: 2021-09-13 22:13:23 UTC
File type: HTML Application (hta) hta
MIME type: application/octet-stream
ssdeep: 48:YV/rpDh1eo5PF21wJO5utuzWDB3oMIn4cFY3o07Ydd:A/rpDh4o5F9OgkyVYnn4OYjY3
TLSH: T1715198A8ACDB798C8A4F0801787B446F09355993A6807884965D7850AC7D6AC8FE5CBA
Reporter: AndreGironda
Tags: BazaLoader hta

Intelligence


File Origin
# of uploads: 2
# of downloads: 132
Origin country: n/a

Vendor Threat Intelligence
Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: obfuscated regsvr32
Threat name: Script-JS.Downloader.SLoad
Status: Malicious
First seen: 2021-09-13 15:59:12 UTC
AV detection: 19 of 45 (42.22%)
Threat level: 3/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

f692de5772c7123c84cbcf3cbd8177e321b2e6252b25491f91126c432bc6bb87

BazaLoader

HTML Application (hta) hta d869fccdb3807528fb62cabc388d4ad9da641fc3354c4432ce2a93ce99e43d3c (this sample)
