c85eedd51dced48b3764c2d5bdb8febefe4210a2d9611e0fb14ffc937b80e302

Sample information


33

Antivirus detections

0

IDS alerts

0

Processes

0

Http events

0

Contacted hosts

0

DNS Requests


    Score

Current activity of this Sample



Blacklist timeline


First seen: Fri Jul 19 2024 12:05:30 GMT+0000
Last seen: Fri Jul 19 2024 13:05:30 GMT+0000
Period: an hour

Hashes
sha256:
c85eedd51dced48b3764c2d5bdb8febefe4210a2d9611e0fb14ffc937b80e302

Dates
Indexed:
Fri Jul 19 2024 13:05:30 GMT+0000 (a year ago)
Last modified:
Thu Oct 24 2024 23:12:55 GMT+0000 (9 months ago)

Developers can check the API specification here:


Request:

          
# Fetch the Maltiverse report for this SHA-256. Replace <API_KEY> with your own key.
# A token typed on the command line ends up in shell history and can be visible
# to other local users in the process list, so prefer supplying it from a
# protected variable or file when scripting this lookup.
curl --header "Authorization: Bearer <API_KEY>" \
     "https://api.maltiverse.com/sample/c85eedd51dced48b3764c2d5bdb8febefe4210a2d9611e0fb14ffc937b80e302"
        

Request:

Alternatively, you can use Python 3. The Maltiverse Python3 library is one option; the example below calls the API directly with the requests package:
          
import requests
import json

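# Query the Maltiverse sample endpoint for this SHA-256 and pretty-print the
# JSON report. This calls the REST API directly with the requests package.
url = 'https://api.maltiverse.com/sample/c85eedd51dced48b3764c2d5bdb8febefe4210a2d9611e0fb14ffc937b80e302'

# Send the same bearer token as the curl and PowerShell examples on this page.
# Replace <API_KEY> with your own key; load it from the environment or a
# secrets store rather than committing it alongside the script.
headers = {'Authorization': 'Bearer <API_KEY>'}

# A timeout keeps the script from hanging indefinitely if the API does not answer.
response = requests.get(url, headers=headers, timeout=30)

# Fail loudly on HTTP errors (bad token, unknown hash, rate limit) instead of
# trying to parse an error response as if it were a sample report.
response.raise_for_status()

# sort_keys gives a stable key order, which makes reports easy to diff.
print(json.dumps(response.json(), indent=4, sort_keys=True))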
        

Request:

          
# Look up this SHA-256 in the Maltiverse sample API and print the response.
$url = 'https://api.maltiverse.com/sample/c85eedd51dced48b3764c2d5bdb8febefe4210a2d9611e0fb14ffc937b80e302'

# Bearer-token header; replace <API_KEY> with your own key and keep the real
# value out of saved scripts and transcripts.
$headers = @{
    Authorization = ("Bearer {0}" -f "<API_KEY>")
}

# Invoke-RestMethod performs the GET and hands back the response body.
$response = Invoke-RestMethod -Uri $url -Headers $headers
Write-Output -InputObject $response
        

Response:

      
{
    "antivirus": [
        {
            "description": "Trojan.GenericKD.73006088",
            "name": "ALYac"
        },
        {
            "description": "Other:Malware-gen [Trj]",
            "name": "AVG"
        },
        {
            "description": "Trojan/PowerShell.Agent.SC201314",
            "name": "AhnLab-V3"
        },
        {
            "description": "Trojan.Generic.D459FC08",
            "name": "Arcabit"
        },
        {
            "description": "Other:Malware-gen [Trj]",
            "name": "Avast"
        },
        {
            "description": "Trojan.GenericKD.73006088",
            "name": "BitDefender"
        },
        {
            "description": "W32.Common.56CAC5C0",
            "name": "Bkav"
        },
        {
            "description": "PowerShell/TrojanDownloader.Agent.IPJ",
            "name": "ESET-NOD32"
        },
        {
            "description": "Trojan.GenericKD.73006088 (B)",
            "name": "Emsisoft"
        },
        {
            "description": "Trojan.GenericKD.73006088",
            "name": "FireEye"
        },
        {
            "description": "PowerShell/Agent.IPJ!tr",
            "name": "Fortinet"
        },
        {
            "description": "Trojan.GenericKD.73006088",
            "name": "GData"
        },
        {
            "description": "Detected",
            "name": "Google"
        },
        {
            "description": "Trojan-Downloader.PowerShell.Agent",
            "name": "Ikarus"
        },
        {
            "description": "HEUR:Trojan.PowerShell.Generic",
            "name": "Kaspersky"
        },
        {
            "description": "Trojan.Script.PowerShell.4!c",
            "name": "Lionic"
        },
        {
            "description": "malware (ai score=85)",
            "name": "MAX"
        },
        {
            "description": "Trojan.GenericKD.73006088",
            "name": "MicroWorld-eScan"
        },
        {
            "description": "Trojan:PowerShell/Malgent.HNAA!MTB",
            "name": "Microsoft"
        },
        {
            "description": "Troj/PSDL-VZ",
            "name": "Sophos"
        },
        {
            "description": "ISB.Downloader!gen285",
            "name": "Symantec"
        },
        {
            "description": "Win32.Trojan-Downloader.Downloader.Czlw",
            "name": "Tencent"
        },
        {
            "description": "Trojan.PS1.ATLANTIDA.YXEGR",
            "name": "TrendMicro"
        },
        {
            "description": "Trojan.PS1.ATLANTIDA.YXEGR",
            "name": "TrendMicro-HouseCall"
        },
        {
            "description": "Trojan.GenericKD.73006088",
            "name": "VIPRE"
        },
        {
            "description": "HEUR:Trojan.PowerShell.Generic",
            "name": "ZoneAlarm"
        },
        {
            "description": "Trojan[downloader]:Win/Agent.IXU",
            "name": "alibabacloud"
        },
        {
            "description": "Script.trojan.A12413394",
            "name": "CAT-QuickHeal"
        },
        {
            "description": "PS/Downloader.ji",
            "name": "McAfee"
        },
        {
            "description": "PS/Downloader.ji",
            "name": "Skyhigh"
        },
        {
            "description": "PSH/Agent.PJ",
            "name": "Varist"
        },
        {
            "description": "HEUR:TrojanDownloader/PS.NetLoader.z",
            "name": "huorong"
        },
        {
            "description": "Troj/PSDl-WE",
            "name": "Sophos"
        }
    ],
    "blacklist": [
        {
            "count": 1,
            "description": "Void Banshee",
            "first_seen": "2024-07-19 13:05:30",
            "last_seen": "2024-07-19 13:05:30",
            "ref": [
                2
            ],
            "source": "Maltiverse"
        }
    ],
    "classification": "malicious",
    "creation_time": "2024-07-19 13:05:30",
    "is_alive": false,
    "is_cdn": false,
    "is_cnc": false,
    "is_distributing_malware": false,
    "is_hosting": false,
    "is_iot_threat": false,
    "is_known_attacker": false,
    "is_known_scanner": false,
    "is_mining_pool": false,
    "is_open_proxy": false,
    "is_phishing": false,
    "is_sinkhole": false,
    "is_storing_phishing": false,
    "is_tor_node": false,
    "is_vpn_node": false,
    "modification_time": "2024-10-24 23:12:55",
    "scoring_executed_time": "2025-02-14 07:16:05",
    "sha256": "c85eedd51dced48b3764c2d5bdb8febefe4210a2d9611e0fb14ffc937b80e302",
    "tag": [
        "https://www.trendmicro.com/en_us/research/24/g/cve-2024-38112-void-banshee.html"
    ],
    "type": "sample"
}