MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 54723787c6d0b365442d29da3fb36aab007b291a0ff5c161b534fb0f6b08f058. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Matiex


Vendor detections: 3



SHA256 hash: 54723787c6d0b365442d29da3fb36aab007b291a0ff5c161b534fb0f6b08f058
SHA3-384 hash: 4bef3d7829cf2f33d02079110eeec97103ba115b7400d7e755e30e5b618562f3cfdbbb8ae06f42cda6dd7487828601ff
SHA1 hash: 3fc3fe1daf09520c6cab24260bb7d3c8584886a9
MD5 hash: 4a3c984414118df055e405dcf93fab9b
humanhash: green-sweet-batman-sad
File name: AGENCY APPIONTMENT.zip
Signature: Matiex
File size: 793'411 bytes
First seen: 2020-11-06 07:15:51 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 24576:YGg+a6MNit6lYg1+CiZJaoPtoaT40rvtb2FwhJX:YG9ANTYg1+ngoPtoaT40Z2Fm
TLSH: AAF423D729DF8B24A70D81A2C7BBDC524E6D45491D445621FBA1808376E12EBF31EEC3
Reporter: abuse_ch
Tags: Matiex, zip


abuse_ch
Malspam distributing Matiex:

HELO: server12.prohoster.gr
Sending IP: 185.138.42.78
From: Bernadette Dela Cruz <sales@pinmaryachtsupply.com>
Reply-To: transfer.department.ford.usa@gmail.com
Subject: PDA. REQUEST
Attachment: AGENCY APPIONTMENT.zip (contains "AGENCY APPIONTMENT (2).exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 83
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Backdoor.NanoBot
Status: Malicious
First seen: 2020-11-05 23:15:16 UTC
AV detection: 17 of 48 (35.42%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip 54723787c6d0b365442d29da3fb36aab007b291a0ff5c161b534fb0f6b08f058 (this sample)

  
Dropping: Matiex
Delivery method: Distributed via e-mail attachment

Comments