MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 aba7549afe001dee8821c1261776fb419c16a733dcafa3bac4c85fcc7ffbfedb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3

SHA256 hash: aba7549afe001dee8821c1261776fb419c16a733dcafa3bac4c85fcc7ffbfedb
SHA3-384 hash: c5e501ade7704e3e3c3ae1ceefb2f7e6534ddbfe7ab2b0781c62459b5a86bc42a2e80ec1f6f5fa8662ee42b8c56c27e7
SHA1 hash: 37b06e9ff547a0f6acac5f4858636b9d2e54e480
MD5 hash: 32edf8935899d23d7e2202d655c4bd29
humanhash: south-muppet-lactose-emma
File name: Enquiry Items.gz
Signature: MassLogger
File size: 937'187 bytes
First seen: 2020-06-09 05:56:49 UTC
Last seen: 2020-06-09 09:14:19 UTC
File type: gz
MIME type: application/x-rar
ssdeep: 24576:SHBuqoUxJYMJA5NIIB43QakdbXA4UkIVPTq+IqOu:Cpx50jXkVPTqQOu
TLSH: 6D1533059DB2E646A5FE05A04C93F54D1FB2D197DF47DF28316802523C81E8DEA2BBCA
Reporter: abuse_ch
Tags: gz, MassLogger


abuse_ch
Malspam distributing MassLogger:

HELO: amityindia.com
Sending IP: 37.48.83.19
From: purchase@amityindia.com
Subject: Enquiry
Attachment: Enquiry Items.gz (contains "Enquiry Items.exe")

Intelligence


File Origin
# of uploads: 2
# of downloads: 59
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.AgentTesla
Status: Malicious
First seen: 2020-06-09 05:20:34 UTC
AV detection: 19 of 31 (61.29%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

gz aba7549afe001dee8821c1261776fb419c16a733dcafa3bac4c85fcc7ffbfedb (this sample)

Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
