MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 09708c349b537a720729486197e480ab3ba914a71757c86ada6d11e3200b2017. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 09708c349b537a720729486197e480ab3ba914a71757c86ada6d11e3200b2017
SHA3-384 hash: 7f20ae3d19f19b5626c2c17a72bd51d0c2e2f24637187b1c0c3e3a3d06df95a5255f915f5039b91088f0f8612385c7ae
SHA1 hash: 24a122873c13abe61957e392febdbb06c7219fa5
MD5 hash: 73d4f6d302fe83955a75c36a19ef28f1
humanhash: alabama-hotel-seventeen-happy
File name:T.HALK BANKASI A.S. 10.12.2020 Hesap Ekstresi.RAR
Download: download sample
Signature Matiex
Create hunting rule
File size:433'893 bytes
First seen:2020-12-10 11:17:44 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 12288:oH4g67g4DiXcRhNtg1tPuLcFnV/v5aiEyuwo:aGlDiUG1tGLcFV/Ranwo
TLSH F89423DB198C85A38337C9AFBD7D23A2987014B584FCE6042240F6BE5DE550FA2E1736
Reporter abuse_ch
Tags:geo HalkbBank Matiex rar TUR


Avatar
abuse_ch
Malspam distributing Matiex:

HELO: hosted-by.rootlayer.net
Sending IP: 185.222.58.152
From: Türkiye İş Bankası A.Ş. <halkbank.e-ekstre@halkbank.com.tr>
Subject: T.HALK BANKASI A.Ş. 10.12.2020 Hesap Ekstresi
Attachment: T.HALK BANKASI A.S. 10.12.2020 Hesap Ekstresi.RAR (contains "T.HALK BANKASI A.S. 10.12.2020 Hesap Ekstresi.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
201
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Heur.11949.4925.UNOFFICIAL
Create hunting rule

Result
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/09708c349b537a720729486197e480ab3ba914a71757c86ada6d11e3200b2017/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=bfyiyne3kn5hebzjjbqzpzeavm52sffhc5l4q2w2nui6gialealq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/09708c349b537a720729486197e480ab3ba914a71757c86ada6d11e3200b2017

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip 09708c349b537a720729486197e480ab3ba914a71757c86ada6d11e3200b2017

(this sample)

Matiex

Executable exe e5494aa04c88444aaa9e2d455b3e644aa5ce5a925afd3c5ff1c6b9ecee44d5e3

  
Dropping
MD5 653629937d765c82bc1c56412b349aa2
  
Dropping
Matiex
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 e5494aa04c88444aaa9e2d455b3e644aa5ce5a925afd3c5ff1c6b9ecee44d5e3

Comments