MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5a3ada18734cb60b1c1d01b371c02c600c5a67b261ee26611d85affe1dcedd61. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 5a3ada18734cb60b1c1d01b371c02c600c5a67b261ee26611d85affe1dcedd61
SHA3-384 hash: 6bab1038be9a9e7d5ce5bf29a007351651f385375780688277cbfd4dde9d2a196fa205d6f75923d2d1ec93db77f894a8
SHA1 hash: c22badf8bf67eab7d4d82cffc2b19456a7b6ed66
MD5 hash: 2654465741d0e30ff76df1c347334362
humanhash: cardinal-foxtrot-football-oranges
File name:Purchase Order 17238502238 PDF.rar
Download: download sample
Signature MassLogger
Create hunting rule
File size:701'492 bytes
First seen:2020-11-06 17:22:27 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:bQWJnyiYOs5vGqb4eDr4bZsEvR1QTgy+ufTV6IyQ3mIJC9Tq0p3QIju6M7M7e6Oy:bVyiYxxGo4bZZQTglufTYI3JJETqejuy
TLSH A1E423F45FA1093EC86F627352AEF6FA14412D40E051A79F5EC9A1C720D8F86D298F36
Reporter abuse_ch
Tags:MassLogger rar


Avatar
abuse_ch
Malspam distributing MassLogger:

From: "T. H. Khan" <ahsen.coskun@kuzeyboru.com.tr>
Reply-To: "Sale 1"<ahsen.coskun@kuzeyboru.com.tr>
Subject: Re:Purchase Order 17238502238 for Kasna Unit
Attachment: Purchase Order 17238502238 PDF.rar (contains "LLLLLLLLLLL.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
120
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/5a3ada18734cb60b1c1d01b371c02c600c5a67b261ee26611d85affe1dcedd61/
Gathering data
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=li5nugdtjs3awha5agzxdqbmmagfuz5smhxcmyi5qwx74hoo3vqq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar 5a3ada18734cb60b1c1d01b371c02c600c5a67b261ee26611d85affe1dcedd61

(this sample)

MassLogger

Executable exe dbf19db7d0a4b842c4652e84edf70acbf1e1d2a9bd50403ba8fa0cd5abbba587

  
Dropping
MD5 79df016414dd8f39209eddb093384ca6
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 dbf19db7d0a4b842c4652e84edf70acbf1e1d2a9bd50403ba8fa0cd5abbba587

Comments