MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 020bdfac4afa4c9183053109c34c1e4939ef8aab7a0165857f45b1c727d93704. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	020bdfac4afa4c9183053109c34c1e4939ef8aab7a0165857f45b1c727d93704
SHA3-384 hash:	3d438c95f2e7448cf28841b34f7584bbcbce1da38dc0930818beffcd6cfa35b23cf01cbeadfe9f5f475fab0841084e41
SHA1 hash:	1bd491aa747dbdca673fab7b07c6f19e07990fe9
MD5 hash:	3ec5b6a1b65bc54fa58aa06f4910c226
humanhash:	blossom-iowa-juliet-maine
File name:	CDF CETI-4501067162.PDF.gz
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	1'388'679 bytes
First seen:	2020-08-05 07:59:47 UTC
Last seen:	Never
File type:	gz
MIME type:	application/gzip
ssdeep	24576:eOsCgaNqplhbOFQ/abaUrIU6ZY5YjYz8N4hrmn:edGfQ/azIU6ZY5YjKhrI
TLSH	F155330276CE1676578840B44890077ABD2BEA1E274D06728E3FCC5DB76ADF6638C7D8
Reporter	abuse_ch
Tags:	gz MassLogger

abuse_ch

Malspam distributing unidentified malware:

HELO: slot0.gasteev.com
Sending IP: 104.168.220.131
From: info@eleasunn.com
Subject: New Order #3744
Attachment: CDF CETI-4501067162.PDF.gz (contains "CDF CETI-4501067162.PDF.exe")