MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 46455dab58abbeca83badbb41504561f481dfeac961f86024c51b1d0767e5559. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 46455dab58abbeca83badbb41504561f481dfeac961f86024c51b1d0767e5559
SHA3-384 hash: 1743eb7f84bc72b242cbfe64f20cd6903510b03b57a9a557815ee821fa2d6a4a2f164643df05b95816371f7306aa8bfd
SHA1 hash: 502fa825a9dbd586696ae05260d18ce9bd67c63f
MD5 hash: 2d954f4b6b5f2997673f7046a936f0a2
humanhash: king-autumn-artist-leopard
File name:Our New Order June 17 7020 at 2.30_PVV440_PDF.img
Download: download sample
Signature MassLogger
Create hunting rule
File size:1'900'544 bytes
First seen:2020-06-17 18:24:43 UTC
Last seen:Never
File type: img
MIME type:application/x-iso9660-image
ssdeep 12288:5vldzeMQ4jawiY0ujYfUaVqJ54O9Pb2j5cPA7iYxdS8JW0K6K:5/JQ4jsdfUs4D9PbK5c3YxQo
TLSH CB956B3635C25928C5280572406B9AC29AF36B853A53DB1EF0AF439B5F42F2F7B520DD
Reporter abuse_ch
Tags:img MassLogger


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: server3.avaforum.com
Sending IP: 185.76.77.126
From: Makilov Versiley <direccion@eucov.com>
Subject: RE: AW: Our New Order No. 155717
Attachment: Our New Order June 17 7020 at 2.30_PVV440_PDF.img (contains "Our New Order June 17 7020 at 2.30_PVV440_PDF.exe")

MassLogger SMTP exfil server:
mail.kogep-k.hu:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
72
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Mal.Generic-S.6875.8914.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Create hunting rule
Status:
Malicious
First seen:
2020-06-17 14:14:37 UTC
AV detection:
16 of 31 (51.61%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=izcv3k2yvo7mva523o2bkbcwd5eb37vmsypymasmkgy5a5t6kvmq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

img 46455dab58abbeca83badbb41504561f481dfeac961f86024c51b1d0767e5559

(this sample)

MassLogger

Executable exe 4035190e2bab1261203e91970cfdc1f3e13387dcf624ed03f05692e480352fe7

  
Dropping
MD5 8f71a7609408e4af8e1bb7b4bd7307a0
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 4035190e2bab1261203e91970cfdc1f3e13387dcf624ed03f05692e480352fe7

Comments