MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a17bc17287de7be6a356c706e3ce9d558bda0f58b839bd4725f8d18040dfe1b4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a17bc17287de7be6a356c706e3ce9d558bda0f58b839bd4725f8d18040dfe1b4
SHA3-384 hash: 5c453cc926c61c24598f827b389eff6b02999f700dade76d256d54ec7069274231a182b3efeae233641a1a818dead59a
SHA1 hash: ced5dc398c60f706335c4e7a83c6b20de61e6d03
MD5 hash: 4cf60798c26fa4f111fa5b0ababf7a8b
humanhash: pasta-speaker-louisiana-fish
File name:Payment AF6252020_PDF.zip
Download: download sample
Signature MassLogger
Create hunting rule
File size:830'378 bytes
First seen:2020-06-25 13:19:05 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 12288:0dI9fLu1onD7r17pJrWkzUk8Q33kzav+2LdG4zZ4mVssMXRb/0HATU6yGIAgBJ:YSYW9pJbFZkzcLdGRmVss9Aw61gf
TLSH 7805239CC458B50BDA62E38AB1776CD2A484B93CFDCFA312057D18B21DD8561FB5B807
Reporter abuse_ch
Tags:MassLogger zip


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: mail.strongmailvault.com
Sending IP: 111.90.144.75
From: office@biotast.com
Subject: Payment
Attachment: Payment AF 6252020_PDF.zip (contains "Payment AF 6252020_PDF.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
71
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.Inject3.44022.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a17bc17287de7be6a356c706e3ce9d558bda0f58b839bd4725f8d18040dfe1b4/
Threat name:
ByteCode-MSIL.Infostealer.Fareit
Create hunting rule
Status:
Malicious
First seen:
2020-06-25 13:37:52 UTC
AV detection:
32 of 48 (66.67%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=uf54c4uh3z56ni2wy4dohtu5kwf5ud2yxa432rzf7diyaqg74g2a._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip a17bc17287de7be6a356c706e3ce9d558bda0f58b839bd4725f8d18040dfe1b4

(this sample)

MassLogger

Executable exe be5e5be8981ef261f24b21b1d6b67f5041d10ecc3eb3697a67142d43e71c7ece

  
Dropping
MD5 462d64b8cccac090d2d32c835ce36f32
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 be5e5be8981ef261f24b21b1d6b67f5041d10ecc3eb3697a67142d43e71c7ece

Comments