MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f4ab529f16fd2e88c1e552fdaacacf59c40cf863dfa6356beadaf310d5ae6544. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: f4ab529f16fd2e88c1e552fdaacacf59c40cf863dfa6356beadaf310d5ae6544
SHA3-384 hash: 2e1e4191c383fb2046ef232b6a13eccd698d306c5c1e9cd4bc08153f86faa9b8675c5467486476949dfb4a3a0a7d36fc
SHA1 hash: 0ea8bb9950585da9969e4da760837fa88505542a
MD5 hash: 00f6982debf7fc28b7e70b041bc22cf7
humanhash: three-louisiana-lactose-michigan
File name:f4.exe
Download: download sample
File size:899'104 bytes
First seen:2021-07-21 11:31:33 UTC
Last seen:2021-07-21 12:44:29 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash 3ba132b0b7b7ed434ae1838170143700
ssdeep 12288:R42rO13CWthRtUZ1PuQB/V7oXU8OnSC+s59kr15gSQ/QwroSkohEZQ60Z:e261yWt36Z0QBpuU8HR5gS2QwroB2K0
Threatray 3 similar samples on MalwareBazaar
TLSH T100156C56A7A800F9F17BD339C9D25603E6B2BC55132097DF02A0DAEA1F336E15E3A711
dhash icon 6800716969b20020
Reporter 0x746f6d6669
Tags:exe

Intelligence

File Origin
# of uploads :
2
# of downloads :
104
Origin country :
n/a
Vendor Threat Intelligence
Malware family:
n/a
ID:
1
File name:
f4.exe
Verdict:
No threats detected
Analysis date:
2021-07-21 11:36:08 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/a6ba458f-203b-42c4-a20c-e3c572f79559

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/172969/
Detection(s):
SecuriteInfo.com.Trojan-FRQF00F6982DEBF7.9989.26460.UNOFFICIAL
Create hunting rule

Result
Verdict:
UNKNOWN
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Verdict:
Malicious
Link:
https://analyze.intezer.com/analyses/854e3af5-b8ec-402b-ada4-de53e20fd9ac
Result
Threat name:
Unknown
Detection:
malicious
Classification:
troj
Score:
52 / 100
Link:
https://www.joesandbox.com/analysis/819455
Signature
Multi AV Scanner detection for submitted file
Uses the Telegram API (likely for C&C communication)
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/f4ab529f16fd2e88c1e552fdaacacf59c40cf863dfa6356beadaf310d5ae6544/
Threat name:
Win64.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2021-07-21 00:44:58 UTC
AV detection:
3 of 28 (10.71%)
Threat level:
  5/5
Verdict:
unknown
Similar samples:
032f8678c49d5320602b75ce8da611d6bc4268354e905aed217451d7f739da67
1ba9ef8703b10a0f158636a138b120835e9588c21ec2e78be898afcae54b0142
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/210721-araabyhqb2/
Unpacked files
SH256 hash:
f4ab529f16fd2e88c1e552fdaacacf59c40cf863dfa6356beadaf310d5ae6544
MD5 hash:
00f6982debf7fc28b7e70b041bc22cf7
SHA1 hash:
0ea8bb9950585da9969e4da760837fa88505542a
Link:
https://www.unpac.me/results/027bacd8-b130-4a2e-bfbf-044ba1545f7b/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/f4ab529f16fd2e88c1e552fdaacacf59c40cf863dfa6356beadaf310d5ae6544

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape
Cape
https://www.capesandbox.com/analysis/172969/

Comments