MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 4589624333de445da41e4e568629eae231fdd5df84d8a0d6345a291575c7e045. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
MassLogger
Vendor detections: 8
| SHA256 hash: | 4589624333de445da41e4e568629eae231fdd5df84d8a0d6345a291575c7e045 |
|---|---|
| SHA3-384 hash: | d39232b9a102c03424fd6bf2a3bd6e5d3264f7cfcc9ea4279cf48ce00dbba5d8145f86fc1452e443a60763b1ce45e633 |
| SHA1 hash: | a5a3327ef3d8d38c1644c89261ea0ff51b2ebd7e |
| MD5 hash: | 9e28a0d635ac9b731eafa03c81c6adfc |
| humanhash: | bluebird-angel-vermont-finch |
| File name: | ORDENXDEXCOMPRA.rar |
| Download: | download sample |
| Signature | MassLogger |
| File size: | 517'558 bytes |
| First seen: | 2026-07-03 17:50:52 UTC |
| Last seen: | 2026-07-03 17:51:30 UTC |
| File type: | rar |
| MIME type: | application/x-rar |
| ssdeep | 12288:+ZtcU35V7sCpa/1qYFVdz6pkDKL3dsNG61lm5ZiA:OuUpV7sPqYVt6eesg3iA |
| TLSH | T171B423AB72747603B943D2A3D04A494FC7FCBB884E995C7A8A5195EEE140D6BF10780F |
| TrID | 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1) 38.4% (.RAR) RAR compressed archive (gen) (5000/1) |
| Magika | rar |
| Reporter | |
| Tags: | MassLogger rar |
Intelligence
File Origin
# of uploads :
2
# of downloads :
19
Origin country :
CHFile Archive Information
This file archive contains 1 file(s), sorted by their relevance:
| File name: | output_pu2c3nk0.js |
|---|---|
| File size: | 3'973'114 bytes |
| SHA256 hash: | 29a95ae36d1399cf298329d2504b805684036d827e0a2b6bd7588eeb91e9899d |
| MD5 hash: | 776cffee0640c2ee9e2270776c080187 |
| MIME type: | text/plain |
| Signature | MassLogger |
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Tags:
n/a
Verdict:
Malicious
Threat level:
10/10
Confidence:
100%
Tags:
base64 conhost powershell repaired
Verdict:
Malicious
File Type:
rar
First seen:
2026-06-15T12:09:00Z UTC
Last seen:
2026-07-03T04:11:00Z UTC
Hits:
~10
Gathering data
Verdict:
Malicious
Threat:
Family.SNAKE
Threat name:
Win32.Trojan.Vigorf
Status:
Malicious
First seen:
2026-06-15 18:02:04 UTC
File Type:
Binary (Archive)
Extracted files:
1
AV detection:
11 of 36 (30.56%)
Threat level:
5/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
MassLogger
rar 4589624333de445da41e4e568629eae231fdd5df84d8a0d6345a291575c7e045
(this sample)
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.