MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fccff2b436faf6e84c2412b2353a7fc7eaaff2eb818bb14ce0cd9eece4f80534. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	fccff2b436faf6e84c2412b2353a7fc7eaaff2eb818bb14ce0cd9eece4f80534
SHA3-384 hash:	1c6bf82b0e18b9953f9803d9a8b5f4584992c3dd45cf73a9ff1556bce210afd2169a34cd030c246a98c8b82a80ebfdc9
SHA1 hash:	d52239135a4be34f4c647efe6d703f2613eeb763
MD5 hash:	1d74c5d9e3ccc302ab98d22fe84e2f03
humanhash:	oregon-magazine-papa-king
File name:	sww.wbk
Download:	download sample
File size:	10'639 bytes
First seen:	2021-07-22 13:10:58 UTC
Last seen:	Never
File type:	unknown
MIME type:	text/plain
ssdeep	192:gZFZuEHeyxfoPVIWfVHCKIbOhCtqBJzx2qREXihlZVXdBp8IvE:gDey1oPXIXtWhJhbHJvE
TLSH	T10A222BACEA6B4369CF89D260A076DF8C43997A7CE3489152392CB3313F87F254E154B4
Reporter	info_sec_ca
Tags:	CVE-2017-11882 wbk

Intelligence

File Origin

# of uploads :

1

# of downloads :

96

Origin country :

n/a

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Spam-473.UNOFFICIAL

Sanesecurity.Malware.27333.RtfHeur.BadVer.UNOFFICIAL

SecuriteInfo.com.FakeRTF-1.UNOFFICIAL

Sanesecurity.Malware.26244.RtfHeur.UNOFFICIAL

MiscreantPunch.RTF.EvilRTF.CVE-2017-0199-Obfus.UNOFFICIAL

TwinWave.EvilDoc.RTFFakeVersionWithObjUpdateUKSurfMix.20200514.UNOFFICIAL

Result

Verdict:

MALICIOUS

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/fccff2b436faf6e84c2412b2353a7fc7eaaff2eb818bb14ce0cd9eece4f80534/

Threat name:

Document-RTF.Exploit.CVE-2017-11882

Status:

Malicious

First seen:

2021-07-22 13:11:03 UTC

AV detection:

20 of 45 (44.44%)

Threat level:

5/5

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/fccff2b436faf6e84c2412b2353a7fc7eaaff2eb818bb14ce0cd9eece4f80534

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

unknown fccff2b436faf6e84c2412b2353a7fc7eaaff2eb818bb14ce0cd9eece4f80534

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/1473682/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample