MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f832c39ea27975ce3cb9fb60b6369274afd59b732a04624787cb820e0b52cee2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: f832c39ea27975ce3cb9fb60b6369274afd59b732a04624787cb820e0b52cee2
SHA3-384 hash: 3ddd1bde0380223bdc4e24fda6f4421d312e0cb6cd2bb4674431eabc07dfdeb39df52854d57d763cf62611b4bae21104
SHA1 hash: 1bbd1028c1e380abd061355ba4d81075d2c34803
MD5 hash: dfa5e4fd4ec7c885aec6150c8723b813
humanhash: winter-leopard-network-quebec
File name: response.bin
Signature: Valak
File size: 316'416 bytes
First seen: 2020-06-30 15:57:11 UTC
Last seen: 2020-06-30 16:47:40 UTC
File type: DLL dll
MIME type: application/x-dosexec
imphash: d831b3fc1952a15e2df1f8c8fe62ab57
ssdeep: 6144:2AznjdhcNdUE+jHmRa6IxNXMVt7HlVqvCKmHY6GO+4G:2Az5hcNF+jHmsHXMr3GmHzBG
TLSH: 9964BE3DB581A036D02F4239547AD97045BDBC318F7F9B4B77C84E1F1A72780A62A7A2
Reporter: @j_dubp
Tags: Valak

Intelligence


Mail intelligence: No data
# of uploads: 2
# of downloads: 35
Origin country: US US
CAPE Sandbox:
  Detection: n/a
  Link: https://www.capesandbox.com/analysis/17376/
ClamAV: PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB:
  Detection: n/a
  Link: https://mwdb.cert.pl/sample/f832c39ea27975ce3cb9fb60b6369274afd59b732a04624787cb820e0b52cee2/
ReversingLabs:
  Status: Malicious
  Threat name: Win32.Trojan.Kykfk
  First seen: 2020-06-30 15:59:04 UTC
  AV detection: 7 of 31 (22.58%)
  Threat level: 2/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage:
  Score: 1/10
  Malware Family: n/a
  Link: https://tria.ge/reports/200630-k2ar431ng6/
  Tags: n/a
VirusTotal: Virustotal results 11.27%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Dropped by: MD5 5cf3095f1254e4aacdbeb10d2dacbc25
Delivery method: Distributed via e-mail attachment
