Malware Hash Query

This utility queries our own database, VirusTotal.com, TheatExpert.com, and Team-CYMRU for known malware hashes and links to analysis reports.

Hash:


File: bayanat.doc
File size: 436028 bytes
File type: data
MD5: e50d18a8977d9e46fc9ca9cb64e61e3a
SHA1: 8090b208d36684d4614756f8df1123e17f9cdaed
SHA256: 4e3f036cd2f6214f7324a6577ea136e7c483b3b2a0e1da9c4e35f1abfadee459
SSDEEP: 12288:+4cALhdG8CS4QJBx3VgIcttZU9svt4UfvSpGfppq4A:+4cALLJlXctta9MtNfvql
Reported: 2015-07-05 12:37:49
Detection engine: 213
Result: Suspicious file - Embedded Executable
Confidence: 50
Scan hits: 1

Embedded Executable:

XOR encryption: Yes
Bitwise ROL cipher: No
Replacement cipher: No
Mathematical substitution cipher: No

Search type: xordb
Matching: full
Key Length: 256 bytes
Key Unique Sum: 32640 More
Key Location: @14561 bytes
Key Accuracy: 100.00%
Fuzzy Errors: 0
File XOR Offset: @225 bytes
XOR Key normalized hash: 9b7e14df2ffe3c32566f3fff8481c6f2 More
XOR Key:


Detected entities:

Embedded Executable: This program cannot be run in DOS mode [14639] show hexdump

RepositoryStatusMore Info

vicheck.ca

Embedded Executable
Confidence: 50
Scan hits: 1

VirusTotal.com

New/Nothing Found

none

ThreatExpert.com

reported

click here

Team-CYMRU.org

New/Nothing Found

none


Shellcode Scan:

Shellcode not found.


Exploit Scan:

Exploit: not found.

Sandbox report:

Processing...this can take from 20 minutes to several hours depending on the load.

Comments (0): show/hide