MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1b7da1886e4cbdd598cf2c57283a29474cfebff9d4ca84460b7d706033563547. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Matiex


Vendor detections: 4



SHA256 hash: 1b7da1886e4cbdd598cf2c57283a29474cfebff9d4ca84460b7d706033563547
SHA3-384 hash: 22d19d321f6d9ed25190994578acb83c47ff4153247f9f4542b2216e922e09c37bab13f8d204a919bc724899a56064de
SHA1 hash: 5751b77f3af3cc358f3ec5d78eb3e38fe0b727aa
MD5 hash: a72f3fb56851fcdfcdac267d70b58714
humanhash: angel-friend-cola-kilo
File name: 00000000808000.zip
Signature: Matiex
File size: 707'335 bytes
First seen: 2020-12-22 15:48:44 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 12288:JVAYObiaDqJ88HynLiE8O8VtpTfdaSA8G2zNEfJn32Gd6rcn0ecY6u:J+YoLqyXuQ3H6m3FdZ0Bvu
TLSH: FDE4338230B3296EEDE25FD904E6CFC76A7F65FEF0EBC864A50B56891080751A61F103
Reporter: abuse_ch
Tags: Matiex, zip


abuse_ch
Malspam distributing Matiex:

HELO: aol.com
Sending IP: 45.137.22.52
From: tidalmarineelec@aol.com
Subject: FACTURA PARA EL PAGO
Attachment: 00000000808000.zip (contains "00000000808000.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 318
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: UNKNOWN
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name: ByteCode-MSIL.Trojan.Zmutzy
Status: Malicious
First seen: 2020-12-22 15:49:08 UTC
AV detection: 7 of 48 (14.58%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip 1b7da1886e4cbdd598cf2c57283a29474cfebff9d4ca84460b7d706033563547 (this sample)

Dropping: Matiex
Delivery method: Distributed via e-mail attachment
