MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 59969f1453d68a8fb406ea51b6ca2066ec492f8d196c3ce10e442268b37040b5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 59969f1453d68a8fb406ea51b6ca2066ec492f8d196c3ce10e442268b37040b5
SHA3-384 hash: 9355ec0c4680a43b64de4e49b1265e11862deb98db32ec0012c8e98ae7de82c5e6c481a8019a024f758789be6b8e2128
SHA1 hash: b0142732c9e88cc4855a96b575514e2b1486d6ff
MD5 hash: 8263440c27e00c98b521567597a4967b
humanhash: shade-diet-pip-early
File name:QUOTATION 014-S180053A.rar
Download: download sample
Signature MassLogger
Create hunting rule
File size:809'376 bytes
First seen:2020-11-09 15:52:34 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 24576:z5wbldrg0WyPqQmowi3RjAVZvJ0nra6kwIFUAb:1wJdrgSPhpD3RE5yaFXFnb
TLSH 4105231239AB0CDC45D93A42360FE303073A4B9539C5E9436BBCBDE8655D71E7FA6848
Reporter abuse_ch
Tags:MassLogger rar


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: zhkj52lw.ni.net.tr
Sending IP: 89.252.168.59
From: Annjelli Mabini <purchasing@petronav.com.cy>
Reply-To: info.abidullafouad78@yahoo.com
Subject: quote
Attachment: QUOTATION 014-S180053A.rar (contains "QUOTATION 014-S180053A.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
94
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/59969f1453d68a8fb406ea51b6ca2066ec492f8d196c3ce10e442268b37040b5/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-11-09 10:30:59 UTC
AV detection:
3 of 48 (6.25%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=lglj6fct22fi7nag5ji3nsram3wesl4ndfwdzyioiqrgrm3qic2q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
MassLogger
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/59969f1453d68a8fb406ea51b6ca2066ec492f8d196c3ce10e442268b37040b5

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar 59969f1453d68a8fb406ea51b6ca2066ec492f8d196c3ce10e442268b37040b5

(this sample)

MassLogger

Executable exe a558950f60aa2a7e34ac71c8a3013fbf576f485a9468ecfe5fdb0a1abb2cafbe

  
Dropping
MD5 aa8e4701cc7dc3b6ff21b601a685f090
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 a558950f60aa2a7e34ac71c8a3013fbf576f485a9468ecfe5fdb0a1abb2cafbe

Comments