MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 67355213a21949a6abc12f65fb4f96f6c9ca82d60dac379984ce374b0e00ce26. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 67355213a21949a6abc12f65fb4f96f6c9ca82d60dac379984ce374b0e00ce26
SHA3-384 hash: 777140f4e553149a5c24df9dcc8735ae57e1b0e7a7c675b669a700fa815f5e47b39fb0e90a1e1a90db899911c3c2bf9a
SHA1 hash: 84770b9d0df19f22603c3ec3ee1f207596d3bd2c
MD5 hash: 663c6faedef6d2cb4b4b189789ac16ba
humanhash: five-white-hamper-spaghetti
File name:Payment receipt.rar
Download: download sample
Signature Matiex
Create hunting rule
File size:110'285 bytes
First seen:2020-08-12 06:35:17 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 3072:Bq3PyIuKR+k2Uq4owa397aLCkGnw3lziFWDQV9+:BSyhcaqaNm2kGwtiFWDQV9+
TLSH ABB3123E28AB83133C7BF9759845D2D2392DC5375083BB07BAC37B96A181E635F06169
Reporter abuse_ch
Tags:Matiex rar


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: malmomusikaffar.com
Sending IP: 45.138.172.137
From: 925 Silver Jewelry<info@malmomusikaffar.com>
Subject: Payment receipt
Attachment: Payment receipt.rar (contains "Payment receipt.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
74
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/67355213a21949a6abc12f65fb4f96f6c9ca82d60dac379984ce374b0e00ce26/
Threat name:
ByteCode-MSIL.Trojan.Dothetuk
Create hunting rule
Status:
Malicious
First seen:
2020-08-12 06:37:03 UTC
AV detection:
15 of 29 (51.72%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=m42vee5cdfe2nk6bf5s7wt4w63e4vawwbwwdpgmezy3uwdqazyta._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/67355213a21949a6abc12f65fb4f96f6c9ca82d60dac379984ce374b0e00ce26

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

rar 67355213a21949a6abc12f65fb4f96f6c9ca82d60dac379984ce374b0e00ce26

(this sample)

Matiex

Executable exe b8888ca416fcb0b2fa48e131a3fbadf177ed9f26528d620ff1df804f17ea8c64

  
Dropping
MD5 497856229ec8ae87bda86469bf72ef64
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 b8888ca416fcb0b2fa48e131a3fbadf177ed9f26528d620ff1df804f17ea8c64

Comments