MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 521fdcdefe26b74dfe10386220135f67ca1270e945270287eb7b984b390536ee. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 2 Yara 1 Comments

SHA256 hash: 521fdcdefe26b74dfe10386220135f67ca1270e945270287eb7b984b390536ee
SHA3-384 hash: eb7e5c69dee10a812a353e2a89709d4dbe8bce743ff229acbd4d1a020c4bea8f86891f0ee707bbc05fbce5cec24c528c
SHA1 hash: c105e1f0e721a50830f4adb0172bf46025c4e1f8
MD5 hash: 324f0d16fb470fca906fc47cf20f9407
humanhash: july-salami-oranges-oregon
File name:CHQVYTExcSl0dUj.exe
Download: download sample
Signature MassLogger
File size:716'288 bytes
First seen:2020-06-30 14:18:03 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep 12288:X7KlV+5Oww0tOgQSlDKOT9J7WsEmNEz//hJjHQ+4vnHzAP6WHtyVgASA3:rKP+5Ow9EIfqlmNU5JTyTe62Gg5y
TLSH 70E4233533344722E9FEC37131A024241FB8A51F6522D3AC3E8465DA4AB7B519AB5F37
Reporter @James_inthe_box
Tags:exe MassLogger


Mail intelligence No data
# of uploads 1
# of downloads 33
Origin country FR FR
CAPE Sandbox Detection:n/a
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Kryptik
First seen:2020-06-30 14:16:51 UTC
AV detection:24 of 31 (77.42%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:masslogger
Tags:ransomware spyware stealer family:masslogger
VirusTotal:Virustotal results 10.45%

Yara Signatures

Rule name:masslogger_gcch

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method