MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2070d6db94c933ec9a30fc2c2fa0021518a254019b13bc5d4ead5cdb1a75beb0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: 2070d6db94c933ec9a30fc2c2fa0021518a254019b13bc5d4ead5cdb1a75beb0
SHA3-384 hash: 13a582457c8c2fcb39e3aa78269589eefc0c65690b435b680d801666ec2fba0e1aa19e433df9d4511b5dd16889cb1b6d
SHA1 hash: 1d9a2db6ceb298860d8728a9266711d0e8d72222
MD5 hash: 02042808dd0ca0d5a049fac00f9b2bb6
humanhash: three-twelve-massachusetts-angel
File name: Purchase Order June 2020 CDisk_Copy.img
Signature: MassLogger
File size: 1'507'328 bytes
First seen: 2020-06-16 05:10:20 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 24576:DaWesAtKRg2G0HufAoyW2UxkyHzXZ/GVKJnehGQVba6mt:ub3KRg2fHuf4W28kOVemeAQVba6mt
TLSH: 086513CDD2CC52E1C61D5A314CF5712813B5A956A222EE54FDC8F52A2F223B60173EAF
Reporter: abuse_ch
Tags: img MassLogger


abuse_ch
Malspam distributing MassLogger:

HELO: globalsupplygroup.biz
Sending IP: 155.94.185.74
From: Global Supply Inc <info@globalsupplygroup.biz>
Reply-To: Wong@globalsupplygroup.biz
Subject: Request For Quotation
Attachment: Purchase Order June 2020 CDisk_Copy.img (contains "PO_014567899342498776734675788948574576354.exe")

MassLogger SMTP exfil server:
smtp.privateemail.com:587

Intelligence


File Origin
# of uploads: 1
# of downloads: 58
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-06-16 05:12:06 UTC
AV detection: 17 of 31 (54.84%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

img 2070d6db94c933ec9a30fc2c2fa0021518a254019b13bc5d4ead5cdb1a75beb0 (this sample)
Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
