MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ef2ea78c09850bffba6cb63a39e2119115573611d695dd53d3d01256a07f2595. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ef2ea78c09850bffba6cb63a39e2119115573611d695dd53d3d01256a07f2595
SHA3-384 hash: d4d324377f7b99eab4cab0b7a44dd4e6f2181006a89a812fc49f39c5a521e394132e01b86db9b5684015237cdb92f6f8
SHA1 hash: 6c4025668a1eb6fbf4b376946e7e5dcde7696553
MD5 hash: f2589762a6f1162824c539377c067a5b
humanhash: montana-alabama-oscar-cola
File name:ef2ea78c09850bffba6cb63a39e2119115573611d695dd53d3d01256a07f2595
Download: download sample
File size:1'019'656 bytes
First seen:2020-06-03 09:01:44 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 412c34c6d7a310bb2a46f4bb344eefe1
ssdeep 12288:3hamPKlhLYBNdXqefQe+kMIXKTYvnqFo78CS3mzo4l:3acb1qxeAIkYvb8Cns4l
Threatray 1 similar samples on MalwareBazaar
TLSH D12559137AF0B139E6E643795F66D1E4AAFF78508F32E10B769C420B092558DC36B362
Reporter raashidbhatt
Tags:exe

Intelligence

File Origin
# of uploads :
1
# of downloads :
58
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
PUA.Win.Adware.Slimware-6535193-1
Create hunting rule

PUA.Win.Trojan.Generic-6629273-0
Create hunting rule

PUA.Win.Downloader.Aiis-6803892-0
Create hunting rule

Gathering data
Threat name:
Win32.PUA.Slimware
Create hunting rule
Status:
Malicious
First seen:
2020-06-03 08:15:31 UTC
AV detection:
18 of 31 (58.06%)
Threat level:
  1/5
Verdict:
unknown
Similar samples:
eddc999a7e76c2af01abaa813a903686f6f5b7ff94a7587c071bf2d2243b5239
Result
Malware family:
n/a
Score:
  6/10
Tags:
n/a
Link:
https://tria.ge/reports/201109-bxx5x4eke2/
Behaviour
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SetWindowsHookEx
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Comments