MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 222d47d2ab68ed17a32d8c1ba18472971a6395012549792730ce73f978fee682. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: 222d47d2ab68ed17a32d8c1ba18472971a6395012549792730ce73f978fee682
SHA3-384 hash: cf0cc4807d43e03ee402585de67f868e966a5e9cea151651a310c3310d808a66f1188c3fdfa6be65e5388a86ea9a4bb3
SHA1 hash: 68a6e62081e496581e3e67b8733408ec4bf06bc5
MD5 hash: e28fc40c1314d71852c7f3afbcd1c130
humanhash: oklahoma-tango-three-music
File name: PRODUCT SAMPLE SPECIFICATION.zip
Signature: MassLogger
File size: 961'475 bytes
First seen: 2020-10-21 09:59:56 UTC
Last seen: 2020-10-23 09:46:08 UTC
File type: zip
MIME type: application/zip
ssdeep: 24576:AW910xkIHJRfiXr5yYmAC2DxboA4vzXlcRk9:AW9ydnfiXr5FC2yAUzXl5
TLSH: F01533ECB75EBDBFBFADF80856774B267F2D6B0AD181A4B05520733386E11814805B91
Reporter: abuse_ch
Tags: MassLogger zip


abuse_ch
Malspam distributing unidentified malware:

HELO: bistro.com.ph
Sending IP: 62.113.215.229
From: Eymen Mustafa<tgifhighst@bistro.com.ph>
Subject: Prime Product Concepts - Quotation Request
Attachment: PRODUCT SAMPLE SPECIFICATION.zip (contains "PRODUCT SAMPLE SPECIFICATION.exe")

Intelligence


File Origin
# of uploads: 3
# of downloads: 65
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.AgentTesla
Status: Malicious
First seen: 2020-10-21 00:06:43 UTC
File Type: Binary (Archive)
Extracted files: 12
AV detection: 18 of 25 (72.00%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 222d47d2ab68ed17a32d8c1ba18472971a6395012549792730ce73f978fee682 (this sample)

Delivery method: Distributed via e-mail attachment
