MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4b5ee9e40a655fd15aa0f7a61e5900a7361aff50b0496eecd515eb315cb06beb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Matiex


Vendor detections: 2



SHA256 hash: 4b5ee9e40a655fd15aa0f7a61e5900a7361aff50b0496eecd515eb315cb06beb
SHA3-384 hash: dfa5d7f24c30b03b42aa8e4ff9c87fd34ad69d98a8a022938cbe2b5a0eec4c21099379647e3cff81b18071c0c5ef6124
SHA1 hash: 2fa0bf4c15a4b1a4d9efb34a55d5aafa69aed4cf
MD5 hash: 97ab62e86cf1feec083029cafaf32be2
humanhash: wolfram-football-wisconsin-lamp
File name: Aralık ekstreniz.zipx
Signature: Matiex
File size: 957'096 bytes
First seen: 2020-12-18 09:50:23 UTC
Last seen: 2020-12-18 09:50:38 UTC
File type: zip
MIME type: application/zip
ssdeep: 24576:T/OSb7nz48ipQkKYux5F97Saehn3nrkDwiKVpXhepDj:T/OSXnz7zY2F97Slhn3rk3KVG5
TLSH: 9715331B4CE0E4BF4D72A483CD0CCE8F94B789B7C7911CC498B1E4E2B7699A521E9467
Reporter: abuse_ch
Tags: geo TUR zipx


abuse_ch
Malspam distributing unidentified malware:

HELO: hosted-by.rootlayer.net
Sending IP: 185.222.58.152
From: ekstre@eekstre.qnbfinansbank.com
Subject: CardFinans KOBİ Visa Aralık ayi ekstreniz.
Attachment: Aralık ekstreniz.zipx (contains "Aralık ekstreniz.scr")

Intelligence


File Origin
# of uploads: 2
# of downloads: 156
Origin country: n/a
Vendor Threat Intelligence
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip 4b5ee9e40a655fd15aa0f7a61e5900a7361aff50b0496eecd515eb315cb06beb (this sample)

Delivery method: Distributed via e-mail attachment
