MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 63e3e5f94b3c77310875e0d3e0cf26bb6df7147988c2865c8e186f0051b0df23. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	63e3e5f94b3c77310875e0d3e0cf26bb6df7147988c2865c8e186f0051b0df23
SHA3-384 hash:	dcf1a4d85f9b9be14897355f6fad7976880a389bda8b17d3f513fa74cb0a98836550a8cf3d19c690d593267442277d9b
SHA1 hash:	5116d13354e3ff62c6363367fe2fb5d46656e81e
MD5 hash:	e5cca0d0fb701dae093df86c806cd550
humanhash:	pasta-yankee-island-two
File name:	New_Order_Nov.rar
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	602'298 bytes
First seen:	2020-10-15 10:36:05 UTC
Last seen:	Never
File type:	rar
MIME type:	application/x-rar
ssdeep	12288:ymGR+PXs0A1MHUjJI8+XL2WB+RupGVelzwwGl8h8NmyfqChIRO9B2b5BS:ymU+00A1BjCnb2v2GVelE4EVGOj2brS
TLSH	1DD4235831D8C5C23EF8135EEC5D08D3D79DCE21E50D8798E62AE8223F2178CB299A5D
Reporter	abuse_ch
Tags:	MassLogger rar

abuse_ch

Malspam distributing MassLogger:

HELO: saintservices.us
Sending IP: 176.57.208.106
From: Sales Manager <contact@saintservices.us>
Subject: Nov_Order / RE:Confirm Bank Details.
Attachment: New_Order_Nov.rar (contains "New_Order_Nov.exe")