MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a7356c1b5bd52aa3e0fe04f9084b27d1c30b21ab02b7cb3dc12b7dd47728805d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a7356c1b5bd52aa3e0fe04f9084b27d1c30b21ab02b7cb3dc12b7dd47728805d
SHA3-384 hash: 25c8dc7f274345375f5e74d70a962d838f0fc2f494b2977b7089632445d247c8ed517cbf2548a510448b51f17f9c4fb6
SHA1 hash: cd1183784e979c4ef3ca4a7b2413e2d5099e201d
MD5 hash: 28f3c1353ab364145ad744d3440a5904
humanhash: twelve-green-alabama-september
File name:20200408__001003001001.XLS.z
Download: download sample
Signature MassLogger
Create hunting rule
File size:913'673 bytes
First seen:2020-08-04 11:11:04 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 24576:6h336WMSQPIRbaG5qLl5PLjQFwZs6nQgDVb0:26Ac2a8qLb/QFcs6nQgD90
TLSH 8D15337D23F21ECD4262ABDAECC75A4D49A8DDC901319DC7A49F18D7AC7BE67420620C
Reporter abuse_ch
Tags:MassLogger z


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: sbmc.com.cn
Sending IP: 156.96.58.85
From: Yang <info@sbmc.com.cn>
Subject: 询价
Attachment: 20200408__001003001001.XLS.z (contains "20200408__001003001001.XLS.exe")

MassLogger SMTP exfil server:
smtp.yandex.com.tr:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
62
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Variant.Graftor.807433.11886.16799.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a7356c1b5bd52aa3e0fe04f9084b27d1c30b21ab02b7cb3dc12b7dd47728805d/
Threat name:
Win32.Trojan.Wacatac
Create hunting rule
Status:
Malicious
First seen:
2020-08-04 11:13:05 UTC
AV detection:
11 of 48 (22.92%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=u42wyg232uvkhyh6at4qqszh2hbqwinlak34wpobfn65i5ziqboq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Cryptor
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/a7356c1b5bd52aa3e0fe04f9084b27d1c30b21ab02b7cb3dc12b7dd47728805d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip a7356c1b5bd52aa3e0fe04f9084b27d1c30b21ab02b7cb3dc12b7dd47728805d

(this sample)

MassLogger

Executable exe f7c64b437d10f5483b3a78cbf4a08f22cd829c60515c312d2bd21e1a37e250ce

  
Dropping
MD5 8b13b35d3207a2dd036004fa35a91606
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 f7c64b437d10f5483b3a78cbf4a08f22cd829c60515c312d2bd21e1a37e250ce

Comments