MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 df32989919fcad268fd0f027d04480119f73b4142eb63031c2f103b54608fa3d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information 3 Yara Comments

SHA256 hash: df32989919fcad268fd0f027d04480119f73b4142eb63031c2f103b54608fa3d
SHA1 hash: 11415bf2be8691d487d5358930199a62e0163529
MD5 hash: e541c8254d60bf94c1b7c155a448f6d3
File name:TNT Original Invoice.scr
Download: download sample
Signature GuLoader
File size:94'208 bytes
First seen:2020-05-22 14:26:33 UTC
Last seen:2020-05-22 15:48:47 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash a7730cb7e4edea3ead95acba8b2abaa2
ssdeep 1536:JxLSc5pzet2CHW9gq5d2tkRDVY4vGM1W1G:JF5VeYCH0dfDqvm2G
TLSH B5932725F8A4DCB6C8248FF15D368B68046BEC711F614A0375C97B5E2B37A8EA670347
Reporter @jarumlus


Mail intelligence No data
# of uploads 2
# of downloads 23
Origin country FR FR
ClamAV PUA.Win.Packer.ProtectSharewar-2
VirusTotal:Virustotal results 16.67%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



Executable exe df32989919fcad268fd0f027d04480119f73b4142eb63031c2f103b54608fa3d

(this sample)

Delivery method
Distributed via e-mail attachment