MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 644c9cf4829eb937cbecbeac43175b720a36c38d9cb3fbee3e22346f08fd8b33. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 644c9cf4829eb937cbecbeac43175b720a36c38d9cb3fbee3e22346f08fd8b33
SHA3-384 hash: 4243506f83399ec5e576f5c21864e0195fedfe0211806d294ff3041e1ce7013e31473810dae3431addcfcf0b213d210e
SHA1 hash: 5ee79913dbb5d4f655a060fb909f364a543ea63c
MD5 hash: 3569faf4156c13edc66336020b402366
humanhash: spring-fix-fix-artist
File name:Tech7 A S Profile.rar
Download: download sample
Signature MassLogger
Create hunting rule
File size:892'574 bytes
First seen:2020-06-11 06:31:33 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 24576:hG0lEw2Ap6K19yu9ZfICkZoMTxZ17Zev1a2f:lWw2+6wyyZwHZoMT1MNaU
TLSH 84153304E8B6C97CB7A2AF62471926C25C9C0F6C5CDC7DAB7281CD939C4A5F9C0309D9
Reporter abuse_ch
Tags:MassLogger rar


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: tech7automation.com
Sending IP: 37.49.224.135
From: SOURAV GUPTA <purchase2@tech7automation.com>
Subject: Quotation Required on Top Urgent Basis for Supply of Commercial & Industrial Goods
Attachment: Tech7 A S Profile.rar (contains "Tech7 A S Profile.exe")

MassLogger SMTP exfil server:
mail.privateemail.com:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
63
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-06-11 06:33:05 UTC
AV detection:
17 of 31 (54.84%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=mrgjz5ect24tps7mx2wegf23oifdnq4ntsz7x3r6ei2g6ch5rmzq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar 644c9cf4829eb937cbecbeac43175b720a36c38d9cb3fbee3e22346f08fd8b33

(this sample)

MassLogger

Executable exe 083c70afde1be48426ebcf28eacfa0cd47f96130790b79f5a367ae6b00eab142

  
Dropping
MD5 75de41ae05708e3574b8e734996eb88f
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 083c70afde1be48426ebcf28eacfa0cd47f96130790b79f5a367ae6b00eab142

Comments