MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 6c5210755b655eb982c7d572de94e5ef9d685ec236e629ef03eb99bbcabfcdaf. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	6c5210755b655eb982c7d572de94e5ef9d685ec236e629ef03eb99bbcabfcdaf
SHA3-384 hash:	287b8ad2b9e97e77253ebde64235470f73e53c43ca9e368012ec34b9d30085cce396695652ffcf6bae130022b758ea81
SHA1 hash:	750de3296b6bdcb5e8129f4ee4b1858e43553c90
MD5 hash:	e5591b0e2f20cae1b61a7fa108f2e4b5
humanhash:	mango-ohio-magazine-texas
File name:	BANK SLIP v.zip
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	666'556 bytes
First seen:	2020-08-11 12:26:07 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	12288:D85n60SEqsmRh2F3RO1APKpa++wCjODdJ9J4cJhiLljcuwXba:Q5bMSBpy8+BDd7J/8Zjb8G
TLSH	61E433A6B268C58FFA14082214D1ADCC72E1C21DC37D58D6D9C5CD77A22EFE4449EB2B
Reporter	abuse_ch
Tags:	MassLogger zip

abuse_ch

Malspam distributing unidentified malware:

HELO: server.linux108.papaki.gr
Sending IP: 185.138.43.36
From: Ian Walker <iwalker@multipowerproducts.com>
Reply-To: Ian Walker <iwalker@multipowerproducts.com>
Subject: RE:BANK TRANSFER SLIP
Attachment: BANK SLIP v.zip (contains "RFQ.exe")