MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 41224fc86e123f70e5f6960a3cc7bafe093ad8f7b6dd7cf4ce6ab43d4bb1fee3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	41224fc86e123f70e5f6960a3cc7bafe093ad8f7b6dd7cf4ce6ab43d4bb1fee3
SHA3-384 hash:	43b796072ca3aec14edcad9e76947e87cda5653627cc31eecd175eba2ed669189bda9d055cd6d01356ddc1c9a376d697
SHA1 hash:	ed170fbeb89338c9600c19a4253fe081d442e201
MD5 hash:	14445833baf663c58183ee2d8f4bddd9
humanhash:	sweet-december-zulu-skylark
File name:	Payment Completed_pdf 1.gz
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	647'659 bytes
First seen:	2020-10-12 06:20:13 UTC
Last seen:	2020-10-12 09:17:54 UTC
File type:	gz
MIME type:	application/x-rar
ssdeep	12288:5s6WmC72mCM9JZQJgK2HF4MtMHBjMZaFsWcOJqpZz5CgltLgDM:5svPJSJ+HFt0MysGMpldgw
TLSH	B8D423505ABD4D9ECA6CA9B37F405BF3D3876AA836F7932413240572EABC73C0742661
Reporter	abuse_ch
Tags:	gz MassLogger

abuse_ch

Malspam distributing MassLogger:

HELO: park-mx.above.com
Sending IP: 103.224.212.34
From: info@shelter-structure.com
Subject: RE: Payment advise
Attachment: Payment Completed_pdf 1.gz (contains "Payment Completed_pdf.exe")