MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e833b7c2b0a0e1b3d9914a3e80e7738eab7453685d864e7a9668387dd0a247d0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


DiamondFox


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: e833b7c2b0a0e1b3d9914a3e80e7738eab7453685d864e7a9668387dd0a247d0
SHA3-384 hash: 2e341d0c086e00c417361cf4607f0a9f0a9b89a1f84a31efbe184b008cedaacc0bbdc8a6e681a5a158900e754567da16
SHA1 hash: 979b9b64fbcfe457b89f264de828f3518cd440f3
MD5 hash: 9f9b7810b1d76a3c81562332be2a356f
humanhash: vermont-oranges-asparagus-hot
File name:ISF-10+2 光國 WTXLAX200007.zip
Download: download sample
Signature DiamondFox
Create hunting rule
File size:474'516 bytes
First seen:2020-10-06 05:39:57 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 12288:UM1xoW1pk+TC+z5FFfz4OizDv2JoDdnJdByhZfKVIga:U4oYe+z5FFfzni//RrByhZfKSga
TLSH 98A423A4C4F3BE285E0DD656B5CF85DD46AA1E87EA28DB04C322E09493C11542D2BFDB
Reporter abuse_ch
Tags:DiamondFox zip


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: mail.genoram.gq
Sending IP: 103.109.37.72
From: Whale TCH / Miffy <admin@genoram.gq>
Subject: 光國 10/08 TXG-LAX CFS 1535 裝船通知
Attachment: ISF-10+2 光國 WTXLAX200007.zip (contains "ISF-10+2 光國 WTXLAX200007.scr")

Intelligence

File Origin
# of uploads :
1
# of downloads :
85
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/e833b7c2b0a0e1b3d9914a3e80e7738eab7453685d864e7a9668387dd0a247d0/
Threat name:
ByteCode-MSIL.Trojan.Taskun
Create hunting rule
Status:
Malicious
First seen:
2020-10-06 00:20:29 UTC
AV detection:
7 of 48 (14.58%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=5az3pqvqudq3hwmrji7ibz3tr2vxiu3ilwde46uwna4h3ufci7ia._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/e833b7c2b0a0e1b3d9914a3e80e7738eab7453685d864e7a9668387dd0a247d0

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

DiamondFox

zip e833b7c2b0a0e1b3d9914a3e80e7738eab7453685d864e7a9668387dd0a247d0

(this sample)

DiamondFox

Executable exe 8616545829272fd918765d945bb44e610852b995be21965577b77cfea4868007

  
Dropping
MD5 ab74af82928f328979d85af5db7debab
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 8616545829272fd918765d945bb44e610852b995be21965577b77cfea4868007

Comments