MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7bcd90e8beb6eeb7f89104227b6697448b52f949548edb51668e36a8b6fe0ccd. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 7bcd90e8beb6eeb7f89104227b6697448b52f949548edb51668e36a8b6fe0ccd
SHA3-384 hash: 4f1484cae70526539bd6b74a0b925e61655ed3db535a7c069c96c2dbdd6f4212b5c6c674e36e0366ce5648b4bb25463e
SHA1 hash: 3846f9b8194778ed82fb8a94db3acddd5b8fe56c
MD5 hash: 26df86c406a92d330a8ea0172fa3a6f1
humanhash: november-maine-echo-zulu
File name:new order100046611.Z
Download: download sample
Signature MassLogger
Create hunting rule
File size:896'927 bytes
First seen:2020-06-10 07:34:35 UTC
Last seen:Never
File type: z
MIME type:application/x-rar
ssdeep 12288:dMk+XTwbxgaCib/IOAinhujYcWPIvAZjz1+jLAP3/nLTu+ClCGrFj+xqPIoDz+1A:dMkoT6gWDncYcWwOKAv/LvC1Dx+9Dqll
TLSH 9E15334891CAB3DA14DEA1B01FB6D061C1315044EF63DDB2978D84619FEC2BB1CBA776
Reporter abuse_ch
Tags:MassLogger z


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: sarana.benvors.com
Sending IP: 45.64.97.68
From: Patrick <support4@islkenya.com>
Subject: RFQ 2020_06_10_PFF00
Attachment: new order100046611.Z (contains "new order#100046612.pdf.exe")

MassLogger SMTP exfil server:
mail.kteadubai.com:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
49
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Trojan.Wacatac
Create hunting rule
Status:
Malicious
First seen:
2020-06-10 07:36:06 UTC
AV detection:
19 of 31 (61.29%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=ppgzb2f6w3xlp6eraqrhwzuxisfvf6kjkshnwulgry3krnx6btgq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

z 7bcd90e8beb6eeb7f89104227b6697448b52f949548edb51668e36a8b6fe0ccd

(this sample)

MassLogger

Executable exe e25b667d727278544032a0553b0ce93d6634f27be4c5abb8b7f103337bc683e2

  
Dropping
MD5 2b5d9e4d9062d4b0883a5de218e7c0b7
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 e25b667d727278544032a0553b0ce93d6634f27be4c5abb8b7f103337bc683e2

Comments