MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f13513c8b2e9f663d86a33c0d86179aa25ae600b1fac25b79b7767b99be9b177. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: f13513c8b2e9f663d86a33c0d86179aa25ae600b1fac25b79b7767b99be9b177
SHA3-384 hash: c351ed131c9f724cebce167d2bbfe912834eabc96280be5a83c481ece2778b20d65d4894976921f6e61e6b9c23d421b4
SHA1 hash: e6bc0101ce24f3f11ebf8c4dbd0798348e595cd8
MD5 hash: 78def659402fe88f82ee038b4c37ccf7
humanhash: speaker-comet-september-massachusetts
File name: 2 Proforma Invoice INV7634543.PDF.exe
Signature: n/a
File size: 1'223'680 bytes
First seen: 2020-06-17 05:13:30 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash afcdf79be1557326c854b6e20cb900a7
ssdeep 24576:aAHnh+eWsN3skA4RV1Hom2KXMmHa/xpwhwxjNIkzBmpzb5:th+ZkldoPK8Ya/xpwhAj2smpR
TLSH A445BE02B3D2C036FFABA2739B66F24156BD79254123852F13981DB9BD701B1273E663
Reporter @jarumlus

Intelligence


File Origin
# of uploads: 1
# of downloads: 24
Origin country: US
Mail intelligence
Geo location: Global; Volume: Low
Geo location: CH Switzerland; Volume: Low
Geo location: IT Italy; Volume: Low
Vendor Threat Intelligence
Threat name: Win32.Trojan.Predator
Status: Malicious
First seen: 2020-06-15 19:36:00 UTC
AV detection: 26 of 31 (83.87%)
Threat level: 5/5

Result
Malware family: n/a
Score: 1/10
Tags: n/a
Behaviour
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Executable exe f13513c8b2e9f663d86a33c0d86179aa25ae600b1fac25b79b7767b99be9b177

(this sample)

  
Delivery method: Distributed via e-mail attachment
