MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 fa0dc33a3de4aef67a0a81cde65289d008650d56ec8b837a81762156824d4eef. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Threat unknown
Vendor detections: 7
| SHA256 hash: | fa0dc33a3de4aef67a0a81cde65289d008650d56ec8b837a81762156824d4eef |
|---|---|
| SHA3-384 hash: | a09776c0b603ae951b626cee4ec97df6a4ea8daa91951baa29dda220e79d701cab7d37b037eaf3a8222b239e5afe4f50 |
| SHA1 hash: | bef74ae1aea3329ad85a4d8e20f669709168f433 |
| MD5 hash: | a5f82322016f49755fc66a0864dc93f2 |
| humanhash: | mobile-speaker-oscar-video |
| File name: | wmac.exe |
| Download: | download sample |
| File size: | 1'824'529 bytes |
| First seen: | 2021-05-07 04:45:29 UTC |
| Last seen: | Never |
| File type: | |
| MIME type: | application/x-dosexec |
| imphash | ffca4b8182ebb8822b4187a5e1e23e14 |
| ssdeep | 24576:IaUxvxK4u/prLB0wVBPxhXJe7vGF22D8DM/KgF44gZ6c9x3ci64JY6gZszOYABtx:kJKNl0wrxIyhKgzgZFcmJYt6bYG+ |
| Threatray | 77 similar samples on MalwareBazaar |
| TLSH | 08852312BAC1C073E9933830C9B5D630AB79B970A73A5507BFE02E5E7A703E59A11753 |
| Reporter | |
| Tags: | trojan-dropper |
Intelligence
File Origin
Vendor Threat Intelligence
Result
Behaviour
Result
Details
Result
Signature
Behaviour
Result
Behaviour
Unpacked files
YARA Signatures
MalwareBazaar uses YARA rules from several public and non-public repositories, such as YARAhub and Malpedia. Those are being matched against malware samples uploaded to MalwareBazaar as well as against any suspicious process dumps they may create. Please note that only results from TLP:CLEAR rules are being displayed.
| Rule name: | Ping_Del_method_bin_mem |
|---|---|
| Author: | James_inthe_box |
| Description: | cmd ping IP nul del |
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Web download
exe fa0dc33a3de4aef67a0a81cde65289d008650d56ec8b837a81762156824d4eef
(this sample)
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.============================================================
MBC behaviors list (github.com/accidentalrebel/mbcscan):
============================================================
0) [B0001.032] Anti-Behavioral Analysis::Timing/Delay Check GetTickCount
1) [C0002.010] Communication Micro-objective::IWebBrowser::HTTP Communication
2) [C0029.002] Cryptography Micro-objective::SHA1::Cryptographic Hash
3) [C0029.003] Cryptography Micro-objective::SHA256::Cryptographic Hash
4) [C0031.001] Cryptography Micro-objective::AES::Decrypt Data
5) [C0027.009] Cryptography Micro-objective::RC4::Encrypt Data
6) [C0021.004] Cryptography Micro-objective::RC4 PRGA::Generate Pseudo-random Sequence
7) [C0032.001] Data Micro-objective::CRC32::Checksum
8) [C0026.002] Data Micro-objective::XOR::Encode Data
9) [C0030.001] Data Micro-objective::MurmurHash::Non-Cryptographic Hash
11) [B0013.001] Discovery::Process detection
12) [C0046] File System Micro-objective::Create Directory
13) [C0048] File System Micro-objective::Delete Directory
14) [C0047] File System Micro-objective::Delete File
15) [C0049] File System Micro-objective::Get File Attributes
16) [C0051] File System Micro-objective::Read File
17) [C0050] File System Micro-objective::Set File Attributes
18) [C0052] File System Micro-objective::Writes File
19) [C0034.001] Operating System Micro-objective::Set Variable::Environment Variable
20) [C0036.004] Operating System Micro-objective::Create Registry Key::Registry
21) [C0036.003] Operating System Micro-objective::Open Registry Key::Registry
22) [C0036.006] Operating System Micro-objective::Query Registry Value::Registry
23) [C0036.001] Operating System Micro-objective::Set Registry Key::Registry
24) [C0040] Process Micro-objective::Allocate Thread Local Storage
25) [C0017] Process Micro-objective::Create Process
26) [C0038] Process Micro-objective::Create Thread
27) [C0041] Process Micro-objective::Set Thread Local Storage Value
28) [C0018] Process Micro-objective::Terminate Process