MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 eb3c745fcd2ea44f91f1576486d1182722ad47371342ff98df0935b6a5def866. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments

SHA256 hash: eb3c745fcd2ea44f91f1576486d1182722ad47371342ff98df0935b6a5def866
SHA3-384 hash: 47d57712c594f1c9d7aabf5a08d6c1e2f2442aa049dccd0b6d933d566dbe73ea51e6c1f3a4610290e74be63767184f1b
SHA1 hash: 51902b8b7d0b03acd8c59b40693e07237c8b2cb6
MD5 hash: a9026e3359b0804c757565c51f65d019
humanhash: white-eight-sixteen-pizza
File name:stubino
Download: download sample
Signature n/a
File size:154'284 bytes
First seen:2022-08-05 07:04:52 UTC
Last seen:Never
File type:unknown
MIME type:text/plain
ssdeep 3072:HLw42yca+ns8s1Lt2PADaR9QRvtHZqZfpIYq+:rf2y/ys8qpxwQ3HqfKYT
TLSH T196E39E3DCA2BFEDA2B2CB448500C2DC22DD419D7DBAC6774CD091856369D820DB6D9BE
Reporter @JAMESWT_MHT
Tags:208-67-105-125

Intelligence


File Origin
# of uploads :
1
# of downloads :
137
Origin country :
IT IT
Mail intelligence
No data
Vendor Threat Intelligence
Verdict:
No Threat
Threat level:
  2/10
Confidence:
100%
Tags:
cmd.exe explorer.exe hacktool obfuscated shell32.dll
Result
Verdict:
MALICIOUS
Details
Base64 Encoded URL
Detected an ANSI or UNICODE http:// or https:// base64 encoded URL prefix.
Threat name:
Win32.Backdoor.Remcos
Status:
Malicious
First seen:
2022-08-02 09:41:57 UTC
File Type:
Text (PowerShell)
AV detection:
14 of 26 (53.85%)
Threat level:
  5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

unknown eb3c745fcd2ea44f91f1576486d1182722ad47371342ff98df0935b6a5def866

(this sample)

  
Delivery method
Distributed via web download

Comments