» {256a6d63-35c7-4f32-93f1-9b9a13498f1d}-winrar.5.30.2.zip
Overview
Analysis
File Details
Downloads (1)

{256a6d63-35c7-4f32-93f1-9b9a13498f1d}-winrar.5.30.2.zip

The file {256a6d63-35c7-4f32-93f1-9b9a13498f1d}-winrar.5.30.2.zip has been detected as malware by 4 anti-virus scanners. The file has been seen being downloaded from wetransfer-eu1.s3.amazonaws.com.

File name:

MD5:

93a7f9ca369a384772fb1d6d0440df47

SHA-1:

a8d425a4cb06dc1c32071bc1e6d1c867b9e7288e

SHA-256:

b012d967141992fd622b7416dc69ac260f7a4f4835650b749802dae052d519b2

Scanner detections:

4 / 68

Status:

Malware

Analysis date:

4/23/2024 2:19:55 PM UTC (today)

Scan engine

Detection

Engine version

Clam AntiVirus

Win.Trojan.Rasftuby

0.98/21511

ESET NOD32

Detection.Undefined

7.0.302.0

IKARUS anti.virus

Trojan.MSIL8

t3scan.1.9.5.0

Zillya! Antivirus

Backdoor.DarkKomet.Win32.33663

2.0.0.2366

File size:

1.8 MB (1,838,349 bytes)

Common path:

C:\ProgramData\microsoft\microsoft antimalware\localcopy\{256a6d63-35c7-4f32-93f1-9b9a13498f1d}-winrar.5.30.2.zip

The file {256a6d63-35c7-4f32-93f1-9b9a13498f1d}-winrar.5.30.2.zip has been seen being distributed by the following URL.

https://wetransfer-eu1.s3.amazonaws.com/.../knGKRXrZkj1M7yb84hLE=

Remove {256a6d63-35c7-4f32-93f1-9b9a13498f1d}-winrar.5.30.2.zip - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.