MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 12c3cd6afeb0da63f0ef22c0f430665a489d477876fb97f55fb4466badd21571. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 12c3cd6afeb0da63f0ef22c0f430665a489d477876fb97f55fb4466badd21571
SHA3-384 hash: 35a399a1e408d2831f5c560921125c6191a098a2bdac469275dc607de77571fea75d9ac9ff0dbbc368071b61a192aaa0
SHA1 hash: ba21da1c9929d198428f1027e8977710260e876c
MD5 hash: 80d95f54fb018493a44ecd0b767488ee
humanhash: maine-angel-angel-texas
File name:commande 4002.zip
Download: download sample
Signature Matiex
Create hunting rule
File size:190'115 bytes
First seen:2020-08-07 13:12:11 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 3072:A15OaP4hFOEYRPuc0wIGk8YaPcpA2a2MJXbscKHjv/Zee4ZYpePOoI7bUjD205mE:aO/CQuPn2a2MAD14ZXsbia0EE
TLSH C704124699EC682F0B9E294C770E9068F84EF41435E144629C8CF3451B6BE2BDA65FCF
Reporter abuse_ch
Tags:Matiex zip


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: vps584942.ovh.net
Sending IP: 92.222.90.70
From: Dumazy, Eric <edumazy@flowserve.com>
Reply-To: Dumazy Eric <narketing163@gmail.com>
Subject: commande
Attachment: commande 4002.zip (contains "R980533211.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
73
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.AdWare.Generic.tpvr.427.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/12c3cd6afeb0da63f0ef22c0f430665a489d477876fb97f55fb4466badd21571/
Threat name:
Win32.Trojan.Injects
Create hunting rule
Status:
Malicious
First seen:
2020-08-07 13:14:05 UTC
AV detection:
15 of 48 (31.25%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=clb422x6wdngh4hpelapimdgljej2r3yo35zp5k7wrdgxloscvyq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/12c3cd6afeb0da63f0ef22c0f430665a489d477876fb97f55fb4466badd21571

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip 12c3cd6afeb0da63f0ef22c0f430665a489d477876fb97f55fb4466badd21571

(this sample)

Matiex

Executable exe cca5e12f1d9a4823e1188c7af7f66e51299fa975f0a4f40062808bc7c5fc4001

  
Dropping
MD5 cea5d13da191b583af960af626f06c19
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 cca5e12f1d9a4823e1188c7af7f66e51299fa975f0a4f40062808bc7c5fc4001

Comments