MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f0ab014ed680c3cf156e236be873ddc45a9954dd059f6fecbdc2b5821f8498fc. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	f0ab014ed680c3cf156e236be873ddc45a9954dd059f6fecbdc2b5821f8498fc
SHA3-384 hash:	87285103c198d2cddb088ec66a03a17e798701eb993c192f2ca82ed9022da990dfdda43a9d309e11e79234748f267d21
SHA1 hash:	ff22884050938e8a12cc4c66594ca393734929ed
MD5 hash:	d9ddcb28e1453621739e3223e2ec2d30
humanhash:	foxtrot-pluto-georgia-quiet
File name:	SecuriteInfo.com.Trojan.GenericKD.79593986.14392.705
Download:	download sample
File size:	246'309 bytes
First seen:	2026-04-01 16:53:59 UTC
Last seen:	2026-04-01 17:23:35 UTC
File type:	xlsx
MIME type:	application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
ssdeep	3072:uHzmNdcDh4d5NLYpsn6xCGo36ZFCntBUUL4Vf4QXclpc0:KiNLYin6xS3KFozUUL4Vf4ocH
TLSH	T1FE34D0CFD67652E098D2B76B010136920D38D849C759274E26A5B5B1B7F7C3A3C0FAB8
TrID	61.2% (.XLSX) Excel Microsoft Office Open XML Format document (34000/1/7) 31.5% (.ZIP) Open Packaging Conventions container (17500/1/4) 7.2% (.ZIP) ZIP compressed archive (4000/1)
Magika	xlsx
Reporter	SecuriteInfoCom
Tags:	xlsx

Intelligence

File Origin

# of uploads :

# of downloads :

135

Origin country :

Vendor Threat Intelligence

Gathering data

Malware family:

n/a

ID:

File name:

SecuriteInfo.com.Trojan.GenericKD.79593986.14392.705

Verdict:

No threats detected

Analysis date:

2026-04-01 16:55:29 UTC

Tags:

n/a

Link:

https://app.any.run/tasks/863ce155-cb55-4eb8-9e3d-1ae42a64c8e7

Note:

ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample

Verdict:

Legit

File type:

application/vnd.openxmlformats-officedocument.spreadsheetml.sheet

Has a screenshot:

False

Contains macros:

False

Gathering data

Verdict:

Clean

Score:

99.9%

Link:

https://cyber-fortress.com/docs/result/index.php?id=69cd4dbb6363ca5d27f0a81d

Tags:

n/a

Result

Verdict:

Clean

Maliciousness:

Behaviour

Creating a window

Сreating synchronization primitives

Result

Verdict:

Malicious

File Type:

OOXML Excel File

Link:

https://app.docguard.net/f0ab014ed680c3cf156e236be873ddc45a9954dd059f6fecbdc2b5821f8498fc/results/dashboard

Verdict:

Suspicious

Threat level:

5/10

Confidence:

100%

Tags:

language-ms

Link:

https://www.filescan.io/uploads/69cd4db900ad36369409d5f6/reports/5bf71013-554f-4961-b600-3b3b343cf7ea/overview

Verdict:

Malicious

Labled as:

Trojan.Generic

Link:

https://www.hybrid-analysis.com/sample/f0ab014ed680c3cf156e236be873ddc45a9954dd059f6fecbdc2b5821f8498fc

Label:

Benign

Suspicious Score:

/10

Score Malicious:

Score Benign:

99%

Link:

https://www.malware.ai/gui/files/?id=ba8bc00d-e879-41cb-8f99-795277cf578d

Result

Verdict:

UNKNOWN

Link:

https://labs.inquest.net/dfi/sha256/f0ab014ed680c3cf156e236be873ddc45a9954dd059f6fecbdc2b5821f8498fc

Verdict:

Unknown

File Type:

xlsx

Link:

https://opentip.kaspersky.com/f0ab014ed680c3cf156e236be873ddc45a9954dd059f6fecbdc2b5821f8498fc/results?tab=lookup

Score:

Verdict:

Benign

File Type:

OFFICE

Link:

https://malprob.io/report/f0ab014ed680c3cf156e236be873ddc45a9954dd059f6fecbdc2b5821f8498fc

Gathering data

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/f0ab014ed680c3cf156e236be873ddc45a9954dd059f6fecbdc2b5821f8498fc/

Threat name:

Document.Trojan.Heuristic

Status:

Malicious

First seen:

2026-02-28 18:01:28 UTC

File Type:

Document

Extracted files:

AV detection:

3 of 36 (8.33%)

Threat level:

2/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=6cvqctwwqdb46floenv6q465yrnjsvg5awpw73f5yk2yeh4etd6a._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/260401-vencxshv5x/

Behaviour

Checks processor information in registry

Enumerates system info in registry

Suspicious behavior: AddClipboardFormatListener

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape

https://www.capesandbox.com/analysis/60113/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample