MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 026d50a01a14c860c305ac8ceadf80777a151edf84d4468aa618cdb233ae770e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 026d50a01a14c860c305ac8ceadf80777a151edf84d4468aa618cdb233ae770e
SHA3-384 hash: d7ec563e2a0fe2e97f386595cfd7ecafc0db2fa91d6c873e5381b51678407712fac504785df1363c396e876b9cc75788
SHA1 hash: 06890279dd6e6821aaefb494005e8bd72ee4af64
MD5 hash: 2813ff3f1f9a58639d128c630a2f5094
humanhash: echo-ceiling-delta-charlie
File name:09000900900.rar
Download: download sample
Signature Matiex
Create hunting rule
File size:193'101 bytes
First seen:2020-10-08 12:50:17 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 3072:aZO5tx7MxEWkzoJy0VyZnv4byhRp+5pBmvJzJk66L6LT0w5CIHZwxVNU4qJub3T6:aZCQEWkkwEybp4pBmhdn6O5k9xEY3T6
TLSH 4C14120DAB9E8752819262690F64F2E36152EC27AE5EF100941D89E544CA53F0F37DEB
Reporter abuse_ch
Tags:GarantiBBVA geo Matiex rar TUR


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: hosted-by.rootlayer.net
Sending IP: 185.222.57.209
From: Garanti BBVA Internet <dekont@garantibbva.com.tr>
Subject: DEKONT
Attachment: 09000900900.rar (contains "09000900900.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
100
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/026d50a01a14c860c305ac8ceadf80777a151edf84d4468aa618cdb233ae770e/
Threat name:
Win32.Trojan.Wacatac
Create hunting rule
Status:
Malicious
First seen:
2020-10-08 11:52:16 UTC
AV detection:
26 of 48 (54.17%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ajwvbia2ctegbqyfvsgovx4ao55bkhw7qtkencvgddg3em5oo4ha._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Zbot
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/026d50a01a14c860c305ac8ceadf80777a151edf84d4468aa618cdb233ae770e

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip 026d50a01a14c860c305ac8ceadf80777a151edf84d4468aa618cdb233ae770e

(this sample)

Matiex

Executable exe f532c606947a2abffb614405ed58ec56bbba9b54f71b1bb00c824e46442d90a7

  
Dropping
MD5 4021dedb648334d95bf3b86498079758
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 f532c606947a2abffb614405ed58ec56bbba9b54f71b1bb00c824e46442d90a7

Comments