MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 db62281a4e6a0517b6798fc040076450e3e1f9936a302946f94d4ec8949d8c35. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 1 Yara Comments

SHA256 hash: db62281a4e6a0517b6798fc040076450e3e1f9936a302946f94d4ec8949d8c35
SHA3-384 hash: 60e141698cb44f2a62c723713e6c7e51d4c55103a1937bab028a811b7330be97a44faeb0a5ca84e12e3b170388ee733b
SHA1 hash: 3423edcd6cd7789b9b75cdc8ee1bc3c6af6c6692
MD5 hash: 8f0ca897e8476b9067642e7fd64f3f2f
humanhash: rugby-whiskey-high-mango
File name:PAYMENT COPY_PDF.Z.rar
Download: download sample
Signature n/a
File size:377'424 bytes
First seen:2020-06-30 12:57:47 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:mXL0a7ixROD8kh/DxsmOlr93KzTmpfHUYmE/dKQoe91ZYjaVX7rtXkqFPdLcwk:m17F8khtsL5R0mpfHUYmE/dMU1ZYeVri
TLSH EC84235095BB04A9EF33D5EB08AECFCDF941C68C9570725036B19BC4AC1E9A7D0287E2
Reporter @jarumlus


Mail intelligence
Trap location Impact
CH Switzerland Low
IT Italy Low
Global Medium
# of uploads 1
# of downloads 26
Origin country FR FR
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Frs
First seen:2020-06-30 12:59:04 UTC
AV detection:11 of 31 (35.48%)
Threat level:   5/5
Spamhaus Hash Blocklist :Suspicious file
VirusTotal:Virustotal results 11.29%

File information

The table below shows additional information about this malware sample such as delivery method and external references.


rar db62281a4e6a0517b6798fc040076450e3e1f9936a302946f94d4ec8949d8c35

(this sample)

Delivery method
Distributed via e-mail attachment