MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5d9bebb8daa7a6187c8944c8111fab3af0dcb1f4028aa0f41d11296489f0ba7c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 5d9bebb8daa7a6187c8944c8111fab3af0dcb1f4028aa0f41d11296489f0ba7c
SHA3-384 hash: 2d3c43b2038ca69a0f4d8896d1d5227e91aa65840cdfa422714fcd8c22e233ac2d61d9a26772fe8adaca63426d8675c9
SHA1 hash: 03f0974ecf154d9d211acdf46d75b4cd3f89f870
MD5 hash: 1c37685c32f30664ec70a96b0c5e7587
humanhash: green-undress-quebec-zebra
File name:ÜRÜN KATALOĞU TALEBİ.rat
Download: download sample
Signature MassLogger
Create hunting rule
File size:463'847 bytes
First seen:2020-10-08 17:41:42 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:uHqCXj2Uwonkw7k3zaN/psRfOj1ySTT0dfHkD:hCmoF7KQskjwEodcD
TLSH 61A423779FB244BFD6FC4C66838B407971BC44DED80B9DBBE40887705380B916AD5AA8
Reporter abuse_ch
Tags:geo MassLogger RAT TUR


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: ssl.delta3.beget.com
Sending IP: 5.101.153.91
From: SCHENKER ARKAS Nakliyat ve Tic. A.Ş. <support@businss.ru>
Subject: ÜRÜN KATALOĞU TALEBİ
Attachment: ÜRÜN KATALOĞU TALEBİ.rat (contains "ÜRÜN KATALOĞU TALEBİ.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
118
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/5d9bebb8daa7a6187c8944c8111fab3af0dcb1f4028aa0f41d11296489f0ba7c/
Threat name:
Win32.Trojan.Wacatac
Create hunting rule
Status:
Malicious
First seen:
2020-10-08 08:41:57 UTC
AV detection:
15 of 29 (51.72%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=lwn6xog2u6tbq7ejitebch5lhlynzmpuakfkb5a5ceuwjcpqxj6a._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/5d9bebb8daa7a6187c8944c8111fab3af0dcb1f4028aa0f41d11296489f0ba7c

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar 5d9bebb8daa7a6187c8944c8111fab3af0dcb1f4028aa0f41d11296489f0ba7c

(this sample)

MassLogger

Executable exe 9637aff986e8795e82308aa077349b80989b6b0ca89973e209d3dee98da1e464

  
Dropping
MD5 71c5ee69480e408aa33f86f1a107393e
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 9637aff986e8795e82308aa077349b80989b6b0ca89973e209d3dee98da1e464

Comments