MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0b2da1d6b98306bf204f7c061976afe3d460af1da864c104bb1b6f9d0997fddb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0b2da1d6b98306bf204f7c061976afe3d460af1da864c104bb1b6f9d0997fddb
SHA3-384 hash: f16c4fae2fa35ec044126ef456f855110e0ef515a548259a86506bf87281cc18362e96215fe0c7503822f8295aec8e28
SHA1 hash: 034c9a7f595b9206c7700cc01f91339c0f63f500
MD5 hash: 51160c0247a5df44b36938610c2574ce
humanhash: spring-early-avocado-vegan
File name:90047.zip
Download: download sample
Signature Matiex
Create hunting rule
File size:186'548 bytes
First seen:2020-08-12 15:55:52 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 3072:T7a5ulMMPYZZ5TUVe9XgQfUdotosYS++fpWLPQ8AXk8OAchDmjze:q5ulMMghgE97rlv+O4pAXkV790ze
TLSH 0104229A6F0D85578FC433906861BD2CE162E15CC6C6A91CC013AEAC54A317FF658FE7
Reporter abuse_ch
Tags:Matiex zip


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: mtk0.tunisia-trading.xyz
Sending IP: 94.242.55.17
From: Info <info@tunisia-trading.xyz>
Reply-To: <narketing163@gmail.com>
Subject: Demande de prix
Attachment: 90047.zip (contains "R010982210.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
71
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Artemis76954C7B0075.11931.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/0b2da1d6b98306bf204f7c061976afe3d460af1da864c104bb1b6f9d0997fddb/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-08-12 12:31:43 UTC
AV detection:
5 of 48 (10.42%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=bmw2dvvzqmdl6icppqdbs5vp4pkgbly5vbsmcbf3dnxz2cmx7xnq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.62
Link:
https://yomi.yoroi.company/submissions/0b2da1d6b98306bf204f7c061976afe3d460af1da864c104bb1b6f9d0997fddb

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip 0b2da1d6b98306bf204f7c061976afe3d460af1da864c104bb1b6f9d0997fddb

(this sample)

Matiex

Executable exe c4b558efd2baee3e3b2e39a7b88da203d870857a8331b403b003643ab066b930

  
Dropping
MD5 76954c7b00750983a2dc26ecd1dce1b7
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 c4b558efd2baee3e3b2e39a7b88da203d870857a8331b403b003643ab066b930

Comments