MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2dcc012b0a495baa7ad7bd1e81771dc4dc268b900acb88927b30262c7b17a30e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: 2dcc012b0a495baa7ad7bd1e81771dc4dc268b900acb88927b30262c7b17a30e
SHA3-384 hash: b5a5cb0033d258d50212f95ce7e4c8771b176b0e24bae97ce58c8ead51d5bb1bca468180d44d4bde9ca12310d43dcc80
SHA1 hash: f388215ff1392aea210372f6b4fafd06858d379d
MD5 hash: 31e644ad93fc31530d17449d8473f746
humanhash: lima-carolina-edward-magnesium
File name: T452c.zip
Signature: MassLogger
File size: 667'004 bytes
First seen: 2020-06-04 13:24:02 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 12288:0tGpjrZTFmDRwd7toGUXu0z0MBH83IHraIfhuoCWJIgYlY+OE1B:0tcjr9Fiid7GGU5wMe3MaIpuoC6Ig2YM
TLSH: 3BE42351397FD98B1DAE0490AB1363909AEF1FC757C442405B9A89FEECC85275823E8F
Reporter: abuse_ch
Tags: MassLogger zip


abuse_ch
Malspam distributing MassLogger:

HELO: mail01.iglumedia.com
Sending IP: 84.246.210.161
From: Kawthar Youness <kawthar@ayadsons.com>
Subject: تأكيد الدفع المسبق للطلب T452c
Attachment: T452c.zip (contains "T452c.exe")

MassLogger FTP exfil server:
desguacespalomino.com:21

Intelligence


File Origin
# of uploads: 1
# of downloads: 61
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-06-04 13:36:27 UTC
AV detection: 6 of 48 (12.50%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 2dcc012b0a495baa7ad7bd1e81771dc4dc268b900acb88927b30262c7b17a30e (this sample)

Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
