MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 05f00e67e00066dde935710aaee65479f1a45366ce245a561f92883c2f3f2275. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



404Keylogger


Vendor detections: 3



SHA256 hash: 05f00e67e00066dde935710aaee65479f1a45366ce245a561f92883c2f3f2275
SHA3-384 hash: e0d301763ecdb5023f54db09a817889ffaaaa1306c1f434e93f95c232b59d782284fa6de0317ac76fb31fa6752f8a85a
SHA1 hash: 1664128dc4bb58a6782bce79ee25fee67a98f327
MD5 hash: ef74a47566d37e98518c8f1f391a537e
humanhash: sink-seven-massachusetts-low
File name: Purchase Invoice 07072020.zip
Signature: 404Keylogger
File size: 314'563 bytes
First seen: 2020-07-07 12:43:30 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 6144:ok/HNqCehvvJIhw4ogpF9FEcHfXekWXQfVO+Jzq4Io9m4QTJaHYv/sOi:orBvvt49Xd/ek4QfVcdo99j4v/sL
TLSH: 8A6423A84D2A1B05C36AB4D31D0306576A505207CEF75E3C535AD6F62F1A5B2E230FAA
Reporter: abuse_ch
Tags: 404Keylogger zip


abuse_ch
Malspam distributing 404Keylogger:

HELO: blue103.dnsmisitio.net
Sending IP: 186.64.119.146
From: KENNY VALDER <modchem@cyber.net.pk>
Subject: New Purchase Order / Quotation Request
Attachment: Purchase Invoice 07072020.zip (contains "Purchase Invoice 07072020.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 86
Origin country: n/a

Vendor Threat Intelligence
Threat name: Win32.Infostealer.Fareit
Status: Malicious
First seen: 2020-07-07 12:45:07 UTC
AV detection: 34 of 48 (70.83%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

404Keylogger

zip 05f00e67e00066dde935710aaee65479f1a45366ce245a561f92883c2f3f2275 (this sample)

Dropping: 404Keylogger
Delivery method: Distributed via e-mail attachment
