MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 01b98fee3d92f9e407095af26f9fade0472db3b9f25862d2b35182942defec1b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	01b98fee3d92f9e407095af26f9fade0472db3b9f25862d2b35182942defec1b
SHA3-384 hash:	f7f7e1e39213e5faa0db68905eb9028f93c26748585df3fcc8bb6efda948ce9d5512e931c7c8e3e14e2b97c50c45bb99
SHA1 hash:	841f5b3ceec955fe65b585e6b37b2a48ee56a07b
MD5 hash:	b3442cf9bba57a6b0e86f12866a8171e
humanhash:	johnny-bulldog-lion-september
File name:	POHD512-6 5700.img
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	978'944 bytes
First seen:	2020-08-18 06:29:55 UTC
Last seen:	Never
File type:	img
MIME type:	application/x-iso9660-image
ssdeep	24576:Q/EXH3aW/UOr1eUclMBx3M6C2VeEUuVYU5m:dH3aMzeUclKxrVe5m
TLSH	C1251231329C6379D9BE573D0821618227F7F515AA72EA5D7D8C014D4FA3B828732BA3
Reporter	abuse_ch
Tags:	img MassLogger

abuse_ch

Malspam distributing MassLogger:

HELO: mail.sli.cz
Sending IP: 89.203.138.188
From: Andrea Gerigk <andrea.gerigk@airindia.in>
Subject: NEW PO FROM JX NIPPON ANCI (PO#HD512-6 5700)1
Attachment: POHD512-6 5700.img (contains "PO#HD512-6 5700.exe")