MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4fb747b6c79d7e978c661fd3479124e92c5be6ba644c370dd4acd633e3d5fdf7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 4fb747b6c79d7e978c661fd3479124e92c5be6ba644c370dd4acd633e3d5fdf7
SHA3-384 hash: 19c4c86c2749e522f0d4e4ded89dbbb700ca4e3f5875928ca10ab5bc160dffe687f7bc085660b0427142af0cbb37c41c
SHA1 hash: 4074cb75245db5cddeb9afbcc4a411cc839d0778
MD5 hash: 88b5cae0beed5703ca2c5a4f0dc16361
humanhash: robert-eleven-echo-october
File name:OOCS DI 20002876.iso
Download: download sample
Signature MassLogger
Create hunting rule
File size:1'552'384 bytes
First seen:2020-07-21 09:19:59 UTC
Last seen:Never
File type: iso
MIME type:application/x-iso9660-image
ssdeep 12288:iMfUaGWFn+W+/HEkNtLyIsG5EypNbv7sUyzO2kTCvZOEAXEJaCvr3tasNDu:Z8TdW+ls1ipv7sfj+wOVXSaCxas
TLSH 28754C3A74D2442AC8182A7684749AD0B2E677463B63DF2DF19B130B5F0376F77064EA
Reporter abuse_ch
Tags:iso MassLogger


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: terra.com.br
Sending IP: 193.142.59.124
From: SUM Enterprises. <sumecel@terra.com.br>
Subject: Inquiry_AOS OOCS DI 20002876
Attachment: OOCS DI 20002876.iso (contains "OOCS DI 20002876.exe")

MassLogger SMTP exfil server:
mail.privateemail.com:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
61
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.GenericKD.43524845.13104.15990.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/4fb747b6c79d7e978c661fd3479124e92c5be6ba644c370dd4acd633e3d5fdf7/
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Create hunting rule
Status:
Malicious
First seen:
2020-07-21 09:21:06 UTC
AV detection:
14 of 29 (48.28%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=j63upnwhtv7jpddgd7jupeje5ewfxzv2mrgdodouvtldhy6v7x3q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legal
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/4fb747b6c79d7e978c661fd3479124e92c5be6ba644c370dd4acd633e3d5fdf7

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

iso 4fb747b6c79d7e978c661fd3479124e92c5be6ba644c370dd4acd633e3d5fdf7

(this sample)

MassLogger

Executable exe 83b37e01d5d48f6a7bc0557863a4e91e84dfc8a1e721850ea265f78cbd6d275a

  
Dropping
MD5 27f8ea7f5eca57a8ad069629b50f942e
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 83b37e01d5d48f6a7bc0557863a4e91e84dfc8a1e721850ea265f78cbd6d275a

Comments