idmf.ax

Sample information

Antivirus detections: 1
IDS alerts: 0
Processes: 6
Http events: 0
Contacted hosts: 0
DNS Requests: 0
Score: 7

Current activity of this Sample



Blacklist timeline


Malicious
110 days since the last reported activity
No activity reported after Jul 15, 2025
[Timeline chart: Hybrid-Analysis, Generic Malware]

Hashes
Filename:
idmf.ax
md5:
ce47f58d0a870123677370b2b390d4ea
sha1:
e7cf410f66965d15b2f6d8ac7360077059156688
sha256:
6062282b185460ff22f79ca2b7435b7032cf5e36c664a9dd3335aef4e566d09c

In depth details
Filetype:
PE32+ executable (DLL) (GUI) x86-64, for MS Window ...
Size (Bytes):
487432
Classification:
malicious

Dates
Indexed:
Tue Jul 15 2025 02:52:45 GMT+0000 (4 months ago)
Last modified:
Tue Jul 15 2025 05:30:11 GMT+0000 (4 months ago)

Explore our API specification anytime here:

Request:

          
curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/sample/6062282b185460ff22f79ca2b7435b7032cf5e36c664a9dd3335aef4e566d09c
        

Response:

      
{
    "antivirus": [
        {
            "description": "HackTool.Inject.ye",
            "name": "Jiangmin"
        }
    ],
    "blacklist": [
        {
            "count": 14,
            "description": "Generic Malware",
            "first_seen": "2025-07-15 03:00:03",
            "last_seen": "2025-07-15 05:30:11",
            "ref": [
                21745
            ],
            "source": "Hybrid-Analysis"
        }
    ],
    "classification": "malicious",
    "creation_time": "2025-07-15 02:52:45",
    "filename": [
        "idmf.ax"
    ],
    "filetype": "PE32+ executable (DLL) (GUI) x86-64, for MS Window ...",
    "is_alive": false,
    "is_cdn": false,
    "is_cnc": false,
    "is_distributing_malware": false,
    "is_hosting": false,
    "is_iot_threat": false,
    "is_known_attacker": false,
    "is_known_scanner": false,
    "is_mining_pool": false,
    "is_open_proxy": false,
    "is_phishing": false,
    "is_sinkhole": false,
    "is_storing_phishing": false,
    "is_tor_node": false,
    "is_vpn_node": false,
    "md5": "ce47f58d0a870123677370b2b390d4ea",
    "modification_time": "2025-07-15 05:30:11",
    "process_list": [
        {
            "name": "<Ignored Process>",
            "uid": "00000000-00003756"
        },
        {
            "commandline": "/s \"C:\\idmf.ax.dll\"",
            "name": "regsvr32.exe",
            "normalizedpath": "%WINDIR%\\System32\\regsvr32.exe",
            "sha256": "8eb386c10e619db1d74f95ae54083d61d2c3030e12de1bf288e5be59312cc1a5",
            "uid": "00000000-00006016"
        },
        {
            "commandline": "\"C:\\idmf.ax.dll\",#1",
            "name": "rundll32.exe",
            "normalizedpath": "%WINDIR%\\System32\\rundll32.exe",
            "sha256": "b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6",
            "uid": "00000000-00004584"
        },
        {
            "commandline": "\"C:\\idmf.ax.dll\",#4",
            "name": "rundll32.exe",
            "normalizedpath": "%WINDIR%\\System32\\rundll32.exe",
            "sha256": "b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6",
            "uid": "00000000-00004808"
        },
        {
            "commandline": "\"C:\\idmf.ax.dll\",#3",
            "name": "rundll32.exe",
            "normalizedpath": "%WINDIR%\\System32\\rundll32.exe",
            "sha256": "b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6",
            "uid": "00000000-00007444"
        },
        {
            "commandline": "\"C:\\idmf.ax.dll\",#5",
            "name": "rundll32.exe",
            "normalizedpath": "%WINDIR%\\System32\\rundll32.exe",
            "sha256": "b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6",
            "uid": "00000000-00008060"
        }
    ],
    "score": 7,
    "scoring_executed_time": "2025-07-15 03:00:05",
    "sha1": "e7cf410f66965d15b2f6d8ac7360077059156688",
    "sha256": "6062282b185460ff22f79ca2b7435b7032cf5e36c664a9dd3335aef4e566d09c",
    "size": 487432,
    "type": "sample"
}
    

Antivirus positives

Antivirus: Jiangmin
Threat: HackTool.Inject.ye

Process list

uid: 00000000-00003756
commandline:
name: <Ignored Process>
normalizedpath:
sha256:

uid: 00000000-00006016
commandline: /s "C:\idmf.ax.dll"
name: regsvr32.exe
normalizedpath: %WINDIR%\System32\regsvr32.exe
sha256: 8eb386c10e619db1d74f95ae54083d61d2c3030e12de1bf288e5be59312cc1a5

uid: 00000000-00004584
commandline: "C:\idmf.ax.dll",#1
name: rundll32.exe
normalizedpath: %WINDIR%\System32\rundll32.exe
sha256: b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6

uid: 00000000-00004808
commandline: "C:\idmf.ax.dll",#4
name: rundll32.exe
normalizedpath: %WINDIR%\System32\rundll32.exe
sha256: b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6

uid: 00000000-00007444
commandline: "C:\idmf.ax.dll",#3
name: rundll32.exe
normalizedpath: %WINDIR%\System32\rundll32.exe
sha256: b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6

uid: 00000000-00008060
commandline: "C:\idmf.ax.dll",#5
name: rundll32.exe
normalizedpath: %WINDIR%\System32\rundll32.exe
sha256: b1e6a7a3e2597e51836277a32b2bc61aa781c8f681d44dfddea618b32e2bf2a6