MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6183a8ed167641bb5818d9ce78c9cae8347c4d995959006796ea613dcec6edf1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: 6183a8ed167641bb5818d9ce78c9cae8347c4d995959006796ea613dcec6edf1
SHA3-384 hash: e822e5a48382ccf5422597f0c95868a62dc5f098d7ecd49cd130495ce0a242e88adf346da22854d968264cd08e722ee1
SHA1 hash: 88aebdb94af75bb2298534698035504710960b03
MD5 hash: f67aaed5e32a34176d02c8add8b1616e
humanhash: eleven-shade-xray-don
File name: Remittance Slip 04062020_pdf.rar
Signature: MassLogger
File size: 1'072'901 bytes
First seen: 2020-06-04 17:32:00 UTC
Last seen: Never
File type: rar
MIME type: application/x-rar
ssdeep: 24576:aK01+UTZ6RwK77Ltd7ax+MtxK4mPVrlDm9jq1SV:1S+U0Z77LLaMMr7mPV5a9OSV
TLSH: 3B35336619FFD886AAC1EDB5DD7DE32A4E40E64CB49D54C4CA34D92A684CC4EC3304AF
Reporter: abuse_ch
Tags: MassLogger rar


abuse_ch
Malspam distributing MassLogger:

HELO: shsmtp.scs-net.org
Sending IP: 213.178.226.251
From: Lanni <lbenmamar@technisangles.fr>
Subject: Re: Wire Transfer USD27000
Attachment: Remittance Slip 04062020_pdf.rar (contains "Remittance Slip 04062020_pdf.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 64
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Wacatac
Status: Malicious
First seen: 2020-06-04 17:36:07 UTC
AV detection: 16 of 48 (33.33%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar 6183a8ed167641bb5818d9ce78c9cae8347c4d995959006796ea613dcec6edf1

(this sample)


Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
