FacturEndesa.Archivo.msi

Sample information


Antivirus detections: 28
IDS alerts: 0
Processes: 0
Http events: 0
Contacted hosts: 0
DNS Requests: 0




Blacklist timeline


First seen: Thu Dec 16 2021 06:57:24 GMT+0000
Last seen: Thu Dec 16 2021 07:57:24 GMT+0000
Period: an hour

Hashes
Filename: FacturEndesa.Archivo.msi
md5: 10e1dca88c9c912f228215b2d97da31f
sha1: 1b94913585fdba6eb55419d64e0dd961071b1ac9
sha256: bd343be370251ba352331a8a11e61255c0b45ac71f45dc93a0b0c38cf3de8107

In depth details
Filetype: application/x-msi
Classification: malicious

Dates
Indexed: Thu Dec 16 2021 09:15:19 GMT+0000 (4 years ago)
Last modified: Wed Sep 17 2025 09:10:30 GMT+0000 (2 days ago)

Developers can check API Specification here:


Request:

          
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/sample/bd343be370251ba352331a8a11e61255c0b45ac71f45dc93a0b0c38cf3de8107
        

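Request:

Alternatively, you can query the API from Python 3 (this snippet uses the requests library):

import json
import requests

url = 'https://api.maltiverse.com/sample/bd343be370251ba352331a8a11e61255c0b45ac71f45dc93a0b0c38cf3de8107'
# Send the API key as a bearer token, as in the curl request
headers = {'Authorization': 'Bearer <API_KEY>'}
response = requests.get(url, headers=headers, timeout=30)
response.raise_for_status()  # stop on an HTTP error instead of parsing an error body
print(json.dumps(response.json(), indent=4, sort_keys=True))
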

Request:

          
$url = 'https://api.maltiverse.com/sample/bd343be370251ba352331a8a11e61255c0b45ac71f45dc93a0b0c38cf3de8107'
$headers =  @{Authorization=("Bearer {0}" -f "<API_KEY>")}
$response = Invoke-RestMethod $url -Headers $headers
Write-Output $response
        

Response:

      
{
    "antivirus": [
        {
            "description": "Trojan.GenericKD.47665518",
            "name": "ALYac"
        },
        {
            "description": "Win32:Trojan-gen",
            "name": "AVG"
        },
        {
            "description": "Trojan.GenericKD.47665518",
            "name": "Ad-Aware"
        },
        {
            "description": "Trojan/Win.Generic.C4634343",
            "name": "AhnLab-V3"
        },
        {
            "description": "Trojan/Generic.ASMalwS.34F0CAB",
            "name": "Antiy-AVL"
        },
        {
            "description": "Trojan.Generic.D2D7516E",
            "name": "Arcabit"
        },
        {
            "description": "Win32:Trojan-gen",
            "name": "Avast"
        },
        {
            "description": "TR/Dldr.Banload.npwem",
            "name": "Avira"
        },
        {
            "description": "Trojan.GenericKD.47665518",
            "name": "BitDefender"
        },
        {
            "description": "Win.Downloader.Zusy-9917016-0",
            "name": "ClamAV"
        },
        {
            "description": "TrojWare.Win32.Agent.unqnx@0",
            "name": "Comodo"
        },
        {
            "description": "Malicious (score: 99)",
            "name": "Cynet"
        },
        {
            "description": "W32/Banload.C.gen!Eldorado",
            "name": "Cyren"
        },
        {
            "description": "a variant of Win32/TrojanDownloader.Banload.YST",
            "name": "ESET-NOD32"
        },
        {
            "description": "Trojan.GenericKD.47665518 (B)",
            "name": "Emsisoft"
        },
        {
            "description": "Trojan.GenericKD.47665518",
            "name": "FireEye"
        },
        {
            "description": "W32/Banload.YST!tr.dldr",
            "name": "Fortinet"
        },
        {
            "description": "Generic.Trojan.Agent.X6CECB",
            "name": "GData"
        },
        {
            "description": "UDS:Trojan-Downloader.Win32.Banload.gen",
            "name": "Kaspersky"
        },
        {
            "description": "malware (ai score=82)",
            "name": "MAX"
        },
        {
            "description": "Artemis!DE8D65D9FE56",
            "name": "McAfee"
        },
        {
            "description": "Artemis!Trojan",
            "name": "McAfee-GW-Edition"
        },
        {
            "description": "Trojan.GenericKD.47665518",
            "name": "MicroWorld-eScan"
        },
        {
            "description": "Trojan:Win32/Sabsik.FL.B!ml",
            "name": "Microsoft"
        },
        {
            "description": "Mal/Banspy-K",
            "name": "Sophos"
        },
        {
            "description": "TROJ_GEN.R002C0RLH21",
            "name": "TrendMicro"
        },
        {
            "description": "TROJ_GEN.R002C0RLH21",
            "name": "TrendMicro-HouseCall"
        },
        {
            "description": "BScope.TrojanDownloader.Delf",
            "name": "VBA32"
        }
    ],
    "blacklist": [
        {
            "count": 1,
            "description": "Generic.Malware",
            "first_seen": "2021-12-16 07:57:24",
            "labels": [
                "malicious-activity"
            ],
            "last_seen": "2021-12-16 07:57:24",
            "source": "Abuse.ch"
        },
        {
            "count": 1,
            "description": "Generic.Malware",
            "first_seen": "2021-12-16 07:57:24",
            "labels": [
                "malicious-activity"
            ],
            "last_seen": "2021-12-16 07:57:24",
            "source": "MalwareBazaar Abuse.ch"
        }
    ],
    "classification": "malicious",
    "creation_time": "2021-12-16 09:15:19",
    "filename": [
        "FacturEndesa.Archivo.msi"
    ],
    "filetype": "application/x-msi",
    "is_alive": false,
    "is_cdn": false,
    "is_cnc": false,
    "is_distributing_malware": false,
    "is_hosting": false,
    "is_iot_threat": false,
    "is_known_attacker": false,
    "is_known_scanner": false,
    "is_mining_pool": false,
    "is_open_proxy": false,
    "is_phishing": false,
    "is_sinkhole": false,
    "is_storing_phishing": false,
    "is_tor_node": false,
    "is_vpn_node": false,
    "md5": "10e1dca88c9c912f228215b2d97da31f",
    "modification_time": "2025-09-17 09:10:30",
    "scoring_executed_time": "2025-09-17 09:10:30",
    "sha1": "1b94913585fdba6eb55419d64e0dd961071b1ac9",
    "sha256": "bd343be370251ba352331a8a11e61255c0b45ac71f45dc93a0b0c38cf3de8107",
    "type": "sample"
}