MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1f1e1c079253f774dc02a7ff4e103a781573288802ba8c87af6790626fbcfca6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 1 File information 1 Yara 1 Comments

SHA256 hash: 1f1e1c079253f774dc02a7ff4e103a781573288802ba8c87af6790626fbcfca6
SHA1 hash: ca05cf6c0eac29a22d1296a15804cec36a908347
MD5 hash: 96463f1796847224b85a96752b59ff17
File name:ZIRAT BANKA...IFT MESAJI.exe
Download: download sample
Signature n/a
File size:1'257'472 bytes
First seen:2020-05-22 15:39:57 UTC
Last seen:2020-05-22 16:46:13 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep 12288:meN2hYvTW3zFMm/sWD55xJs2VqVJxxmyZXhr/jiIgCD1oWIz:sWTW3zFtsWFnJsLHZXxriIA
TLSH C0456B3738C28518C4394672007A9AC1A7F6AB413692CB6EFA9F534B4F02B3F77165D9
Reporter @James_inthe_box
Tags:exe

Intelligence


Mail intelligence
Trap location Impact
Global Low
# of uploads 2
# of downloads 25
Origin country FR FR
ClamAV SecuriteInfo.com.MSIL.Kryptik.WAJ.19792.UNOFFICIAL
VirusTotal:Virustotal results 22.86%

Yara Signatures


Rule name:masslogger_gcch
Author:govcert_ch

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments