Wednesday, 11 March 2015

Malware madness: sha256 hashes

To sum up so far this morning, as it's been crammed full of word/exel/xml based malware, 
here are the Sha256 hashes just in case this helps anyone searching for hashes:

52e7cf353466ed7a34da9fd5be5b14ac25a364493ac41ab7626b421904277943  Copy_1_of_INV_86-09.03.2015.doc
2d922dfc5ff3c29ee93d265d829492bdc230252a4278b9383dce92a48573975d  Copy_1_of_INV_86-09.03.2015.xls
9d4a83b002d15ac80cd5bb14cbd66294eca3a887401d7fefbe97f26e64abe9e8  Copy_4_of_INV_86-09.03.2015.xls
64dca452b88f89a3bff82640f573a9ab3bc85515b88c177d746b158cefc7add7  INV_86-09.03.2015.doc
189f436ca27dc657552eafc9b39f21b7dee873f4669c1ce9d7c11eb39fbec89d  INV_86-09.03.2015.xls
c7af5902e5922a9a89c4464a36b5c4f6d98e8d613a412581d7f64c2fab4ce2fb  Rem_0070XR.xml
acf8997bd263dc4a094cf2e80957843363372e34c5233d899e8b16c4504ed2db  Rem_1873HI.xml
106e168db790aa3178f6d32405e0344b027706e81d3d286dfc175ce709601259  Rem_2362IE.xml
9afa90370cfd217ae1ec36e752a393537878a2f3b5f9159f61690e7790904b0d  Rem_7024FW.xml


Note: The files names are random but just gives you an idea on format.

Wonder what's next...

Cheers,

Steve
Sanesecurity.com



2 comments:

Big Roj said...

They've really been going for it this morning haven't they Steve? Starting to get really sick of it now. Keep up the good work though.

Chris said...

Busy day that's for sure!

Some interesting new methods too (environment detection)

Fun times