MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6b9b47e72cb7af1de91473e48249714b817342df71dd783adabbf815eb64189a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 2



SHA256 hash: 6b9b47e72cb7af1de91473e48249714b817342df71dd783adabbf815eb64189a
SHA3-384 hash: 9e1f20b72f19e3d6fb6e4b9eebf294729594bbdabde279c8b4518799937661ec7f3c90c7706ff482e8f76f0a4f3b71cf
SHA1 hash: d8abf6375ec07f4f9c99e11f433209ba8b75d0a9
MD5 hash: b79abfc0ca62ce44b4f0226f77c30d18
humanhash: lima-nine-maine-maine
File name: proforma faktura.zip
Signature: MassLogger
File size: 856'912 bytes
First seen: 2020-05-26 08:11:32 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 24576:VJ3ws0WlqWk/IX1v2DSSxQ3YJlBXkWqql6ksAJsDDe:XwylqWkAQDSSxQOkWV/sisDy
TLSH: 19053331A05614AFC49470A7B9999EB086F0CC7B7FB66D02BCB7261342620E777C9B74
Reporter: abuse_ch
Tags: MassLogger zip


abuse_ch
Malspam distributing MassLogger:

HELO: dobarhosting.com
Sending IP: 78.47.62.128
From: Aleksandra Krnjajić <epugnant@groupe-rdt.com>
Subject: Re: Re: Re: AW: proforma faktura
Attachment: proforma faktura.zip (contains "proforma faktura.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 59
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-05-26 08:36:59 UTC
File Type: Binary (Archive)
Extracted files: 8
AV detection: 8 of 48 (16.67%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 6b9b47e72cb7af1de91473e48249714b817342df71dd783adabbf815eb64189a (this sample)

Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
