MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 481b4c8877298729d66d8febce48915d793232ed999945e9a90699ba72edf34a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



404Keylogger


Vendor detections: 3



SHA256 hash: 481b4c8877298729d66d8febce48915d793232ed999945e9a90699ba72edf34a
SHA3-384 hash: c84ecf888f60a3a1e2f15cb46ae121a89a361a9c09674007c431fb5c528e74c82395a0a1d3301502c798f18631c103a1
SHA1 hash: 0d654321f4ff4c84b4a90685e72a1fb0b9f303d4
MD5 hash: 9c3c47defd27a980899a3849b0ff61a5
humanhash: island-muppet-east-oxygen
File name: COPIA DE PAGO.arj
Signature: 404Keylogger
File size: 303'911 bytes
First seen: 2020-07-10 05:09:18 UTC
Last seen: Never
File type: arj
MIME type: application/x-rar
ssdeep: 6144:/QXd/1MaCHeN6bTbHJdDD5eV82xCRy/viQGtNFhJGEHmubkdtP:IXx1MaoBbT1dxeVXxwyHiQ2N/0EG9P
TLSH: 83542309D4877ABF089F53B025E8B564EAA300F5E99B6CFD14066C12C117CE7D5BCAC9
Reporter: abuse_ch
Tags: 404Keylogger arj


abuse_ch
Malspam distributing 404Keylogger:

HELO: vasiliscs.com
Sending IP: 45.153.241.102
From: CUENTAS <accounts@vasiliscs.com>
Subject: Especificación del desglose del pago pendiente.
Attachment: COPIA DE PAGO.arj (contains "COPIA DE PAGO.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 71
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Infostealer.Fareit
Status: Malicious
First seen: 2020-07-10 05:11:06 UTC
AV detection: 16 of 29 (55.17%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

404Keylogger

arj 481b4c8877298729d66d8febce48915d793232ed999945e9a90699ba72edf34a (this sample)

Dropping: 404Keylogger
Delivery method: Distributed via e-mail attachment
