MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f46e28c7a2557f41f0d572d066113bbeb7550b860cd64cf4f977ac1116623187. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: f46e28c7a2557f41f0d572d066113bbeb7550b860cd64cf4f977ac1116623187
SHA3-384 hash: efcbbcbf22218e0e42c4667f84f5dd713186186dcc3956aee6caa03482dd16589cecd596eb78bb0a5ba73fde37b89552
SHA1 hash: e33d4c4ad90b7f07e38921594a93cb2f19d38b0f
MD5 hash: 66b0b62b935d3d78be5a749ea8004d21
humanhash: romeo-lake-august-washington
File name: AOS Neptune_028E.iso
Signature: MassLogger
File size: 950'272 bytes
First seen: 2020-06-11 05:54:25 UTC
Last seen: Never
File type: iso
MIME type: application/x-iso9660-image
ssdeep: 12288:fiZuhpFnqI+im1u+0AlphaNOxwi+6ssv+SduKLXNbt3w0QdBTUJpTg+v2lLCM9BA:fThpFHI1hpeTPa+0LXI04kTgzhCM
TLSH: A31522906AE9C732D46D42FC84622A4013327D666A33FF4A7ECCB0DE57937664254B2F
Reporter: abuse_ch
Tags: iso MassLogger


abuse_ch
Malspam distributing MassLogger:

HELO: jfcaust.com.au
Sending IP: 37.49.224.121
From: ORDER MEL(Eiko) <order.mel@jfcaust.com.au>
Subject: Inquiry_AOS Neptune_028E
Attachment: AOS Neptune_028E.iso (contains "AOS Neptune_028E.exe")

MassLogger SMTP exfil server:
mail.privateemail.com:587

Intelligence


File Origin
# of uploads: 1
# of downloads: 58
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-06-11 05:56:10 UTC
AV detection: 18 of 30 (60.00%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

iso f46e28c7a2557f41f0d572d066113bbeb7550b860cd64cf4f977ac1116623187 (this sample)

Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
