MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dc48ad869ca0def05c9c6b1f366a2ab4473f8907e8e64618283aeea38ba607da. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Jadtre


Vendor detections: 5



SHA256 hash: dc48ad869ca0def05c9c6b1f366a2ab4473f8907e8e64618283aeea38ba607da
SHA3-384 hash: 91b336fbabb40e044bb466d0d76ad9fa3da504c2dd3f24782ba25385c681a47af39edd91d289a74d76b8636031aa5447
SHA1 hash: e4e1c5981f369dcd7aebc2e1b3c79ad7978f21ea
MD5 hash: edbae36ed21cd54651b83923d623b295
humanhash: pasta-lamp-oranges-pip
File name: b1745eb6afbcb68978a339a6431c1a41
Signature Jadtre
File size: 27'136 bytes
First seen: 2020-11-17 14:37:10 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash 87bed5a7cba00c7e1f4015f1bdae2183 (3'034 x Jadtre, 23 x IcedID, 17 x Blackmoon)
ssdeep 768:5d5u7mNGtyVfj4vQGPL4vzZq2oZ7GsxOF7s:5d5z/fjdGCq2w7g
Threatray 1'321 similar samples on MalwareBazaar
TLSH 12C2D073CE8080FFC0CB3472208521CB9B575A72656A6867A750981E7DBCDE0EEB6753
Reporter seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 55
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a file in the %temp% directory
Creating a process from a recently created file
Creating a window
Changing an executable file
DNS request
Connection attempt
Sending an HTTP POST request
Sending a UDP request
Modifying an executable file
Creating a file
Running batch commands
Creating a process with a hidden window
Connection attempt to an infection source
Infecting executable files
Threat name: Win32.Virus.Jadtre
Status: Malicious
First seen: 2020-11-17 14:38:31 UTC
AV detection: 45 of 48 (93.75%)
Threat level: 5/5
Unpacked files
SHA256 hash: dc48ad869ca0def05c9c6b1f366a2ab4473f8907e8e64618283aeea38ba607da
MD5 hash: edbae36ed21cd54651b83923d623b295
SHA1 hash: e4e1c5981f369dcd7aebc2e1b3c79ad7978f21ea
SHA256 hash: 5963e9d3f95ef1686ab4406f61b811e7a2fae1fe8c44f8c578425b2632929d52
MD5 hash: 13a12879fe84e511f9c2a65eff85cc86
SHA1 hash: 127fa4b8df97e821d83b40693d47a191b7d999ae
Detections: win_unidentified_045_g0 win_unidentified_045_auto
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other

Comments