MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5cbbc00f42cf7d1775077f2417a155cf7ca5c08d73f16f9cccc1e202f08ff677. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	5cbbc00f42cf7d1775077f2417a155cf7ca5c08d73f16f9cccc1e202f08ff677
SHA3-384 hash:	c37b7618abaa59367497df3d5d0bba9f44bf6818eac1b743d95d064955e50b4b5b9abb5bc083f7a5b1a5b04ff8062245
SHA1 hash:	94c9f5740c537f56f0d01d7cf16b76bac629f285
MD5 hash:	f379de2acf455bb58390fa197bbcd09e
humanhash:	south-angel-uncle-beer
File name:	Alhammra RFQ 005-0111.PDF.r00
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	1'070'386 bytes
First seen:	2020-11-06 07:23:32 UTC
Last seen:	Never
File type:	r00
MIME type:	application/gzip
ssdeep	24576:urlgwfRxtBx/kPYnQgc9HjhgYtovaXyNS4rtR7n0WJni:ifl8wQ7BhftuaiNrf08i
TLSH	B13533BE08D0F3D3C11D82A5B0AA2E16B63A65DA0A741175EF341E6B3C5FFC2347516A
Reporter	abuse_ch
Tags:	MassLogger r00

abuse_ch

Malspam distributing MassLogger:

HELO: whmsrv01.virtualariki.com.br
Sending IP: 177.11.209.2
From: Miguel Alonso <malonso@alhammra.com>
Subject: Alhammra Request for Quotation
Attachment: Alhammra RFQ 005-0111.PDF.r00 (contains "Alhammra RFQ 005-0111.PDF.exe")