MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 399aa0c05acde43727cf4ba3973a85d62e44112641a4dcc91b8bc3bed88ac035. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 1 Yara Comments

SHA256 hash: 399aa0c05acde43727cf4ba3973a85d62e44112641a4dcc91b8bc3bed88ac035
SHA3-384 hash: 6e809f7fe11deb1c5d0d4608b2e88e4a430b51b53096474378ef8a2268c1d0fbe0d30ed406dba56e5e11a71e657502f2
SHA1 hash: e65148cf7904cf2345622b586c6d51b7cc00f80a
MD5 hash: 595687a02837220ef5ab639edaa40009
humanhash: may-zebra-pasta-florida
File name:595687a02837220ef5ab639edaa40009.exe
Download: download sample
Signature MassLogger
File size:853'504 bytes
First seen:2020-06-30 12:45:56 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep 24576:20TCwN6ydembyCQZGX2a0D1U6Vwu83BQvvTwS3N:2onN6ydemOCAGFg1U698RkvB3N
TLSH F8052370393A4769E6F9C779926160088FF5210B5331E21E7FA1B0CE0DA7F456621F6B
Reporter @abuse_ch
Tags:exe MassLogger

MassLogger SMTP exfil server:


Mail intelligence
Trap location Impact
IT Italy Low
Global Low
# of uploads 1
# of downloads 25
Origin country US US
CAPE Sandbox Detection:n/a
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Kryptik
First seen:2020-06-30 08:27:00 UTC
AV detection:19 of 31 (61.29%)
Threat level:   5/5
Spamhaus Hash Blocklist :Suspicious file
Hatching Triage Score:   10/10
Malware Family:masslogger
Tags:ransomware spyware stealer family:masslogger
VirusTotal:Virustotal results 6.85%

File information

The table below shows additional information about this malware sample such as delivery method and external references.