MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e61d3c1e61777a1611499315d1a702a514766df9eb9c7b0c944654593d333513. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence File information Yara Comments

SHA256 hash: e61d3c1e61777a1611499315d1a702a514766df9eb9c7b0c944654593d333513
SHA1 hash: bf480aa047342f106693ed696dc3162f0776db0e
MD5 hash: 4706cb0d87c35fa805f28091e529d682
File name:document_05.22.2020.doc
Download: download sample
Signature Valak
File size:82'517 bytes
First seen:2020-05-23 01:09:25 UTC
Last seen:Never
File type:Word file doc
MIME type:application/vnd.openxmlformats-officedocument.wordprocessingml.document
ssdeep 1536:pIgd7/4IqldZWKF8XJEG65XnWlrm+CtAOWyXeqaKwBGNA4:rd7/mLF8XJS5uAAOeqaKwBGNL
TLSH C483F134FA83DC33C8C2023D90D9D242B6198A66E67317ABB49DB39577323934E6D14E
Reporter @malware_traffic


Mail intelligence No data
# of uploads 1
# of downloads 27
Origin country US US
ClamAV TwinWave.EvilDoc.Ursniff.WShell_Hold_on.20200520.UNOFFICIAL
VirusTotal:Virustotal results 36.07%

File information

The table below shows additional information about this malware sample such as delivery method and external references.