MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2acd811e287386bea81c860f8a6447294ad9dfab57f9cc1027ece210a0c2b46e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 4



SHA256 hash: 2acd811e287386bea81c860f8a6447294ad9dfab57f9cc1027ece210a0c2b46e
SHA3-384 hash: 36bf01d779b7a7c373bd6db141002d291019377d963b938855bf3a2fa7bbf7ff4ab32f4e36b5e4c5be07b58ba7c5d898
SHA1 hash: 1b5cbddd976789e69a61fea548e34e9fa328b2c8
MD5 hash: b488338ccda886c86e877f43cfd63f49
humanhash: bulldog-rugby-muppet-maine
File name: Letter of statement.rar
Signature: MassLogger
File size: 894'268 bytes
First seen: 2020-07-29 06:27:05 UTC
Last seen: Never
File type: rar
MIME type: application/x-rar
ssdeep: 24576:m4oESydKvZjA3mBETPPfov2uBaG/eMoNIAgR+:yNoqpBEvuB4TFgR+
TLSH: 311533953F5AA6EFF9E88CE45FF9EB7C328D6560160000D3D6AFC06D24EA8CA24F4444
Reporter: abuse_ch
Tags: MassLogger rar


abuse_ch
Malspam distributing MassLogger:

HELO: kapurlaw.com
Sending IP: 209.58.149.66
From: leo<rjagadeesan@kapurlaw.com>
Subject: Letter of Statement
Attachment: Letter of statement.rar (contains "Letter of statement.exe")

MassLogger SMTP exfil server:
smtp.yandex.com:587

Intelligence


File Origin
# of uploads: 1
# of downloads: 66
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.MassLogger
Status: Malicious
First seen: 2020-07-29 06:29:05 UTC
AV detection: 15 of 29 (51.72%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar 2acd811e287386bea81c860f8a6447294ad9dfab57f9cc1027ece210a0c2b46e (this sample)

Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
