MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 def3aef2a4c47c2dfd193bd43817ae41b810d9f7c72eb718dabb212a30782771. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 7



SHA256 hash: def3aef2a4c47c2dfd193bd43817ae41b810d9f7c72eb718dabb212a30782771
SHA3-384 hash: 189f43aefeb372d4777f081117fee3a9e77fe81e2476ddad38793bba7071b2aa87c87e2c8abc2d84cc9041a4700749fe
SHA1 hash: f90aeb9f328cfb204efeb7c25dee2361ea702cf0
MD5 hash: 1a12cb166f0565778e1f9b1b15af3480
humanhash: equal-snake-saturn-lactose
File name: 龙隐神器微端.exe
File size: 38'837'715 bytes
First seen: 2021-02-18 15:06:17 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 03ffcb785d51c538602e3418f7eac720
ssdeep: 786432:pj2SXYFVcf7wIKRWotSpU1mSevwSWsKU2hBZR3lEj3KgXaOJlER0c28TwqiVU:py5Hcf7LcHtSpUL/SfKPB5Ej31Dw2+w6
Threatray: 78 similar samples on MalwareBazaar
TLSH: 7187335618F96F49C698127048F0BF64DAC4607A3C6354B8F8EED341137AD78EDA9F88
Reporter: vm001cn
Tags: exe flystudio

Intelligence


File Origin
# of uploads: 1
# of downloads: 120
Origin country: n/a

Vendor Threat Intelligence

Result
Verdict: Malware
Maliciousness:
Behaviour:
Creating a window
Sending a UDP request

Result
Verdict: MALICIOUS

Result
Threat name: Unknown
Detection: malicious
Classification: n/a
Score: 84 / 100
Signature:
Antivirus / Scanner detection for submitted sample
Antivirus detection for dropped file
Machine Learning detection for dropped file
Machine Learning detection for sample
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
PE file has nameless sections
Behaviour:
Behavior Graph: Gathering data

Threat name: Win32.PUA.FlyStudio
Status: Malicious
First seen: 2021-02-18 05:45:00 UTC
AV detection: 12 of 29 (41.38%)
Threat level: 1/5

Result
Malware family: n/a
Score: 8/10
Tags: aspackv2
Behaviour:
Suspicious use of SetWindowsHookEx

Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.
