MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3e9e01606f941f5382aef016c7633ccba552e9147f3aafe637791294775b2c17. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 2



SHA256 hash: 3e9e01606f941f5382aef016c7633ccba552e9147f3aafe637791294775b2c17
SHA3-384 hash: c6d923a23d41e3b591469e47b138e7df545e02d6f2f7188bf81c28e282ff88cba9b608ada4b2c54ed255e4651bbb6e96
SHA1 hash: 997fdcb79252a1e19da9bc66daeac51da3265276
MD5 hash: 9386198fec7123c9b59810be36929e5d
humanhash: lamp-network-apart-three
File name: IDBI BANK 22.05.2020.CAB
Signature: MassLogger
File size: 1'377'982 bytes
First seen: 2020-05-22 07:04:23 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 24576:QD4k44wyKFBXUfjPCJYlGWih2WZue5qEsdm4DZ6X1/sapnn8ZCq4r+cqF3:8tw/OjqJz62bSdHq1/sa18Zt1b9
TLSH: FE5533D0AC356BABE7486F9D2C50BC6C56C349D69E0822D821737FE0D80C619F797E4A
Reporter: abuse_ch
Tags: cab, MassLogger


abuse_ch
Malspam distributing MassLogger:

From: IDBI Bank <neft@idbi.com>
Subject: IDBI BANK 22.05.2020 Account Statement
Attachment: IDBI BANK 22.05.2020.CAB (contains "IDBI BANK 22.05.2020.exe")

MassLogger SMTP exfil server:
smtp.yandex.com:587

Intelligence


File Origin
# of uploads: 1
# of downloads: 63
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Wacatac
Status: Malicious
First seen: 2020-05-22 07:36:39 UTC
File Type: Binary (Archive)
Extracted files: 23
AV detection: 6 of 48 (12.50%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 3e9e01606f941f5382aef016c7633ccba552e9147f3aafe637791294775b2c17 (this sample)

Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
