MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 07804d3100e6e8eb74c9a36697c7e496206c05e45f5dee423e1985d1f5bccf39. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: 07804d3100e6e8eb74c9a36697c7e496206c05e45f5dee423e1985d1f5bccf39
SHA3-384 hash: 2591b40464858b9f1b07b1a361b96c6b332b620c29cc07841e44f387c77115fd673ba86f601281e69f6ec49ee8800f7b
SHA1 hash: 069166b411fae391559a597bca64383e8e039c35
MD5 hash: a63cea8d8c5314314ad627d4e8e87003
humanhash: california-harry-alaska-social
File name: REQUEST FOR QUOTATION-local lot.1,2,3,4,6container..zip
Signature: MassLogger
File size: 722'407 bytes
First seen: 2020-11-20 07:59:44 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 12288:BX6CSqNdQ0nWEgmsTGXasrbF2lZsKb4w/Ft4R4AssUh5UDLSmPo9cQtVUa:BqCRy0WEBsuasrbJ2/tAHW0tA9cQtX
TLSH: 8AE433AA6C8869D90C51017ECFE4C8C81ED67FC568DC6E8080BFCFC67E64D616B4B619
Reporter: abuse_ch
Tags: MassLogger zip


abuse_ch
Malspam distributing MassLogger:

HELO: futurebud.co.jp
Sending IP: 103.133.109.32
From: y.yumigeta mr. <y.yumigeta@futurebud.co.jp>
Subject: RE: *Request for Quotation*
Attachment: REQUEST FOR QUOTATION-local lot.1,2,3,4,6container..zip (contains "{REQUEST FOR QUOTATION-local lot.1,2,3,4,6container..exe")

MassLogger SMTP exfil server:
mail.vitracer.com:587

Intelligence


File Origin
# of uploads: 1
# of downloads: 121
Origin country: n/a

Vendor Threat Intelligence

Result: Gathering data
Threat name: ByteCode-MSIL.Trojan.Taskun
Status: Malicious
First seen: 2020-11-20 08:00:09 UTC
AV detection: 13 of 48 (27.08%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 07804d3100e6e8eb74c9a36697c7e496206c05e45f5dee423e1985d1f5bccf39

(this sample)

  
Dropping: MassLogger
Delivery method: Distributed via e-mail attachment

Comments