MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 0690c113a9b5497f2fa8b53e7f01a287291b08d48892620f66722134f39f6188. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 0690c113a9b5497f2fa8b53e7f01a287291b08d48892620f66722134f39f6188
SHA3-384 hash: 7e0fec92be455772f39b84758df588199399ffea1bdd4ea6c20c561565b24c4e15057e5f9bf7ebd6e5ccb3cfa447403a
SHA1 hash: da39497f64ca036110232efc0dce5d5b3b12773a
MD5 hash: 7b9c31f50de017063e97d5f6192875f6
humanhash: jupiter-grey-network-mars
File name:doc20200930_6650008538_87387743.r00
Download: download sample
Signature MassLogger
Create hunting rule
File size:861'043 bytes
First seen:2020-10-07 10:44:19 UTC
Last seen:Never
File type: r00
MIME type:application/x-rar
ssdeep 24576:dDMVKoE4gD4i/0E1mEtEdq4P1xFN4xgzlvmikTHoZSc:dDqR84ij8u4P1rAgQTMj
TLSH 110523B325EEF9728F888439CA1FDACF29948D04B37E0F09D37659A3B241D4B1615297
Reporter abuse_ch
Tags:MassLogger r00


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: bdpint.com
Sending IP: 156.96.62.59
From: Basak Kurt <basak.kurt@bdpint.com>
Reply-To: Basak Kurt <javedsulirna.business@gmail.com>
Subject: PO#SM0006045 EBAT ONAYI
Attachment: doc20200930_6650008538_87387743.r00 (contains "doc20200930_6650008538_87387743.exe")

MassLogger SMTP exfil server:
smtp.yandex.com:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
87
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/0690c113a9b5497f2fa8b53e7f01a287291b08d48892620f66722134f39f6188/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-10-07 10:21:26 UTC
AV detection:
6 of 48 (12.50%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=a2imce5jwvex6l5iwu7h6ancq4urwcgurcjged3goiqtj447mgea._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/0690c113a9b5497f2fa8b53e7f01a287291b08d48892620f66722134f39f6188

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

r00 0690c113a9b5497f2fa8b53e7f01a287291b08d48892620f66722134f39f6188

(this sample)

MassLogger

Executable exe d8aebda89bb5717256e78b44dd9e9ef54179d3590f7a6125da452e877c083c48

  
Dropping
MD5 256f8955f0533c15eea9cbe9711a417a
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 d8aebda89bb5717256e78b44dd9e9ef54179d3590f7a6125da452e877c083c48

Comments