MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d8ee12ad5c491e784d9dae4c089d91ae8b95fa4103d723f1ed589a712a24d417. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: d8ee12ad5c491e784d9dae4c089d91ae8b95fa4103d723f1ed589a712a24d417
SHA3-384 hash: 98f4ca5fb6e603d960481caf7ea1513e3ea7935e3edbeb5a044d8a6f679d57cd19f88b507ca69b5af6bfc38fe673e5f6
SHA1 hash: 083349916b2da8a77f36e2c7747aeabb42d63c34
MD5 hash: ea664381383e8fda2d6efcdc7d99e023
humanhash: wyoming-neptune-oklahoma-moon
File name:FASK Kuwait Co RFQ 002022020 Supply Tender 45890720.r00
Download: download sample
File size:554'896 bytes
First seen:2020-08-16 13:52:26 UTC
Last seen:Never
File type: r00
MIME type:application/x-rar
ssdeep 12288:dVfkp2zd7qvsoj7wdnALKIPlB/kw89csA49pXJYGXe4n0fG/1a:fs8BRIKALKGL/kw8qd4vSEe40+/4
TLSH 3BC423C1B9104DE3C2F264F1621843E6E713DF1C6B32945E78EE8FDA169D096A47A0B7
Reporter abuse_ch
Tags:r00


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: vm86.entorno.es
Sending IP: 195.162.18.227
From: Surya Narayana <surya.narayana@faskkuwait.com>
Subject: RE: SUPPLY TENDER NO 4589070: RFQ 002022020 FOR Fask Kuwait Gen. Trad & Contracting Co.
Attachment: FASK Kuwait Co RFQ 002022020 Supply Tender 45890720.r00 (contains "BOQ Quotaion Request Data Sheet Requirement No 002022020.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
69
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/d8ee12ad5c491e784d9dae4c089d91ae8b95fa4103d723f1ed589a712a24d417/
Threat name:
ByteCode-MSIL.Spyware.Noon
Create hunting rule
Status:
Malicious
First seen:
2020-08-16 13:54:06 UTC
AV detection:
14 of 29 (48.28%)
Threat level:
  2/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=3dxbflk4jephqtm5vzgarhmrv2fzl6sbaplsh4pnlcnhckre2qlq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/d8ee12ad5c491e784d9dae4c089d91ae8b95fa4103d723f1ed589a712a24d417

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

r00 d8ee12ad5c491e784d9dae4c089d91ae8b95fa4103d723f1ed589a712a24d417

(this sample)

Executable exe 7811b5864571348651746538905398e08bc9a5a11d6cb27ff6dd7a970be77741

  
Dropping
MD5 82bb00537b94e8cdf65d9b07bdbc9527
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 7811b5864571348651746538905398e08bc9a5a11d6cb27ff6dd7a970be77741

Comments