MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4788d7c40f105876a755845cb34f4aa53c5911da2e57f6df39717ec62f0c48f4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: 4788d7c40f105876a755845cb34f4aa53c5911da2e57f6df39717ec62f0c48f4
SHA3-384 hash: e14568a968aa7231dff7b11dd90065428cc871f55d4aa3ef2f2bfa64d9b35e8cd8ab637c2cf97b4d61ce20869ae967dc
SHA1 hash: 7b98fa11d2b1a2917e6a09c296e4e1003316e8d7
MD5 hash: 7bc6692c892f14f5e6fac22856c4f28e
humanhash: victor-echo-zebra-kansas
File name: Haruko Rice Supply offer.gZ
Signature: MassLogger
File size: 16'918 bytes
First seen: 2020-11-06 07:34:33 UTC
Last seen: Never
File type: gz
MIME type: application/x-rar
ssdeep: 384:/MOgpg2uSuC5Ur2CnIDKgJukxmICl8D48fV2WAdd2Ud:/MOWsIUr2cID8kQliD442Jd2U
TLSH: 4072D0A87B2661335782A5BD989C680D40FB13D1DD3D83C370CCA5D9399D2F36918E96
Reporter: abuse_ch
Tags: gz MassLogger


abuse_ch
Malspam distributing MassLogger:

HELO: vps.shenzhentoptrade.net
Sending IP: 37.46.150.190
From: Office <office@shenzhentoptrade.net>
Subject: Keddis & Partners Co Rice Order
Attachment: Haruko Rice Supply offer.gZ (contains "Haruko Industrial Supply offer.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 81
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Injuke
Status: Malicious
First seen: 2020-11-06 03:50:12 UTC
AV detection: 6 of 48 (12.50%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

gz 4788d7c40f105876a755845cb34f4aa53c5911da2e57f6df39717ec62f0c48f4

(this sample)

  
Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
