MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e6455292eaa87ea0011bfa12ada2a132faf4c4ba66290d453b7d8a40bc4469e6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


IcedID


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: e6455292eaa87ea0011bfa12ada2a132faf4c4ba66290d453b7d8a40bc4469e6
SHA3-384 hash: 314f6afa81d2b385750e5c15f8385f22ece400d54e1094247a77bfcdd29ff3b872b95dac71cf5c1bdc1533147fb6df4e
SHA1 hash: c8038a6c820658c4b0fc7930b342b7c63fcf7915
MD5 hash: 4d0fd34a80236c19f721dc84203ff5d4
humanhash: zulu-jupiter-lemon-xray
File name:document_54_invoice-07-26-22.zip
Download: download sample
Signature IcedID
Create hunting rule
File size:83'681 bytes
First seen:2022-07-26 19:57:44 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 1536:D4bPvy2iGc0ow0/l5TgXhg4Iw1Xdbk+bXH06etuvnr4BARmi5zK6qlfpre:DQv6Gc+0/l0dJbXGovrS3iBKplxe
TLSH T1978302F60C5681D4E6AE8AB7702539CD97409B4EC4DA7EC2DF0261B257706B3B3D8B48
TrID 80.0% (.ZIP) ZIP compressed archive (4000/1)
20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter k3dg3___
Tags:3164374593 IcedID zip


Avatar
k3dg3
"document_[number]_invoice-07-26-22.zip" with password: 26711"

Intelligence

File Origin
# of uploads :
1
# of downloads :
353
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Result
Verdict:
MALICIOUS
Link:
https://labs.inquest.net/dfi/sha256/e6455292eaa87ea0011bfa12ada2a132faf4c4ba66290d453b7d8a40bc4469e6
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/e6455292eaa87ea0011bfa12ada2a132faf4c4ba66290d453b7d8a40bc4469e6/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=4zcvfexkvb7kaai37ijk3ivbgl5pjrf2myuq2rj3pwfebpcenhta._file
Gathering data
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/e6455292eaa87ea0011bfa12ada2a132faf4c4ba66290d453b7d8a40bc4469e6

File information

The table below shows additional information about this malware sample such as delivery method and external references.

IcedID

zip e6455292eaa87ea0011bfa12ada2a132faf4c4ba66290d453b7d8a40bc4469e6

(this sample)

IcedID

Executable exe cc32026b3e9ae6f3c93d8ec1ceb185eabf66be9981752b0623511d2fc1c93501

  
Dropping
SHA256 cc32026b3e9ae6f3c93d8ec1ceb185eabf66be9981752b0623511d2fc1c93501

Comments