MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8f454599de85acba90becf21df70d90ee0c760b58f7fb86b12a5d29d98efc62b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8f454599de85acba90becf21df70d90ee0c760b58f7fb86b12a5d29d98efc62b
SHA3-384 hash: e6c46244c1dbc56d30c7c4be72e3a2826d3b93fcbbc13b607a0f000f2e619b88bfd5112bf0fe36dead965dc4ae91ad88
SHA1 hash: 63d246ea1b93f4f93cb8abe8b005f6e80acf42d3
MD5 hash: 937608e55e5fb44ee80054d3041591e7
humanhash: hawaii-red-speaker-illinois
File name:P.O250520.zip
Download: download sample
Signature MassLogger
Create hunting rule
File size:800'975 bytes
First seen:2020-05-25 12:24:31 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 24576:t9SlLbfV4KfCor3qv5YlxsX3Kq8deuLXcE4e:ClvV4KhPSK9d4e
TLSH 2A05330CE1AF61A73D1B2506FB402208260D76D5598EE5C4F5E03E517B6CF97F8BB624
Reporter abuse_ch
Tags:MassLogger zip


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: dykbd.com
Sending IP: 103.147.184.73
From: info@dykbd.com
Subject: P.O for Newest Order
Attachment: P.O250520.zip (contains "P.O250520.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
63
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.Siggen9.49554.518.4470.UNOFFICIAL
Create hunting rule

Gathering data
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-05-25 12:37:04 UTC
File Type:
Binary (Archive)
Extracted files:
9
AV detection:
28 of 47 (59.57%)
Threat level:
  2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 8f454599de85acba90becf21df70d90ee0c760b58f7fb86b12a5d29d98efc62b

(this sample)

MassLogger

Executable exe 5c826e35fe48ce5410e9c553242a83e71b2408a57d3256bcd0bd4334412010b0

  
Dropping
MD5 aa5fb011e59d1e2a8bef56360a4f31b4
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 5c826e35fe48ce5410e9c553242a83e71b2408a57d3256bcd0bd4334412010b0

Comments