MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3a1730f460d22be352b85060902374e59c3d8d392ce7983008e6ab3d02143f0f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 3a1730f460d22be352b85060902374e59c3d8d392ce7983008e6ab3d02143f0f
SHA3-384 hash: ed8c1ce5f9fd561f84e6c5b29dcd53121f1bbaa152803173d79ecec00df28722f2846a018ebd5ba9ecf659d13812f39a
SHA1 hash: 91ccd0d009ca9c6844739d2c192dfa6db1d51193
MD5 hash: 70f9db6e11b88475cb440823ce06c32c
humanhash: moon-wisconsin-lamp-hot
File name: Demande client 001071.r00
Signature: MassLogger
File size: 13'822 bytes
First seen: 2020-07-31 10:55:22 UTC
Last seen: Never
File type: r00
MIME type: application/x-rar
ssdeep: 384:RVkHw9RdOP9fPSTK6j0uSZmfeqfSGp3BDziAY/sKVgz:RVQe+3STf0bmbB31LYO
TLSH: 1C52C010213D7849B073814E8525F1A871F7BB7BB44E40CFD5F256A7B929AA21379C37
Reporter: @abuse_ch
Tags: MassLogger r00


Twitter
@abuse_ch
Malspam distributing unidentified malware:

HELO: effectivecloud.mynewserver.com
Sending IP: 46.226.193.113
From: Sébastien Laprade <leh@clasquin.com>
Subject: Clasquin France SA - Demande client: 001071
Attachment: Demande client 001071.r00 (contains "Clasquin France SA - Demande client 001071 - SKBMT-07-31-2020-105-img00215.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 28
Origin country: US

Mail intelligence
Geo location: IT Italy
Volume: Low
Geo location: Global
Volume: Medium

Vendor Threat Intelligence
Threat name: n/a
Status: Benign
First seen: 2020-07-31 10:57:04 UTC
AV detection: 1 of 48 (2.08%)
Trust factor: 5/5
Threat name: Suspicious File
Score: 0.60

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

r00 3a1730f460d22be352b85060902374e59c3d8d392ce7983008e6ab3d02143f0f (this sample)

Delivery method: Distributed via e-mail attachment

Comments