MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 85d928b93906c46cfceee6ac85eced8d5126673972c007849c2305265e682d44. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 85d928b93906c46cfceee6ac85eced8d5126673972c007849c2305265e682d44
SHA3-384 hash: 22a740cb9dbd2d59a0c200d370235c2524e2349396f4c20c785155db7ccba4b6611e6fec5ee434797b22f840e0fbf819
SHA1 hash: f444fef2b5e3c94ffec91b81bad5fa08dd34a160
MD5 hash: 46d683ab723e06aad6729c34ec781780
humanhash: harry-fruit-blue-seventeen
File name:Fișă de plată 0005102401 21.07.2020.7z
Download: download sample
Signature MassLogger
Create hunting rule
File size:676'866 bytes
First seen:2020-07-21 07:29:35 UTC
Last seen:Never
File type: 7z
MIME type:application/x-rar
ssdeep 12288:0+gyvhFkvixjY8xu26eM+YuwtZArLtrabZX/m3XWlmIBBx0DroAmKL:syvhFeytu2mtSGd/smlmIPx0DEAL
TLSH 27E423CB4713D13CF57AB410E021CD43E6492E4C1238DEE2BD5A0EE6799B6AB67F054A
Reporter abuse_ch
Tags:7z MassLogger


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: ripper1.x-logix.pt
Sending IP: 176.61.147.243
From: Adrian Niculae <adrianiculae@gmail.com>
Subject: Fișă de plată 21.07.2020
Attachment: Fișă de plată 0005102401 21.07.2020.7z (contains "Fișă de plată 0005102401 21.07.2020.exe")

MassLogger FTP exfil server:
ftp.antares-group.ro:21

Intelligence

File Origin
# of uploads :
1
# of downloads :
70
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/85d928b93906c46cfceee6ac85eced8d5126673972c007849c2305265e682d44/
Threat name:
ByteCode-MSIL.Spyware.Negasteal
Create hunting rule
Status:
Malicious
First seen:
2020-07-21 07:31:06 UTC
AV detection:
15 of 28 (53.57%)
Threat level:
  2/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=qxmsrojza3cgz7ho42wil3hnrvismzzzolaapbe4emcsmxtifvca._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legal
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/85d928b93906c46cfceee6ac85eced8d5126673972c007849c2305265e682d44

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

7z 85d928b93906c46cfceee6ac85eced8d5126673972c007849c2305265e682d44

(this sample)

MassLogger

Executable exe daa21287c64f4ddf57136d013858af29aaa8ad92ee7d7cde68531f0b5979c55d

  
Dropping
MD5 df6dfd4217dd9bdeb61f1214326a6e93
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 daa21287c64f4ddf57136d013858af29aaa8ad92ee7d7cde68531f0b5979c55d

Comments