MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 70b9faab5ed08bb8a13fd31713c698e18ca4f504055deae086ab1a9bf7007b47. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 70b9faab5ed08bb8a13fd31713c698e18ca4f504055deae086ab1a9bf7007b47
SHA3-384 hash: a7ccf8d7ca65389529ad9f8ef9e1fe4f5e63365b07c425a49dc0ad475baa187b1d36a5cb2c7d1fd6998826d80dcdae4f
SHA1 hash: 5ad9a595bf6effc2a1c65dc4c8423fdd17416d37
MD5 hash: 2e207f4049944bb0ec93fcd07f04fc3a
humanhash: charlie-winner-minnesota-island
File name:Syed Kaleel CV.zip
Download: download sample
Signature MassLogger
Create hunting rule
File size:739'991 bytes
First seen:2020-10-28 08:56:09 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 12288:Q4g3Ole+vTG0KngCybSmwCmDHCUyffpCxToe/hFI+QJxY/AAZKY0vh/H/3BZjZyO:dpln2ObS5jCU0fGl70OoYpUH/jjZtRzj
TLSH BCF42351C0309BD8CD29AB69372D5BE8438D1CB2DB5F90C8965597FA6723F58D3AC070
Reporter abuse_ch
Tags:MassLogger zip


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: gmail.com
Sending IP: 156.96.118.35
From: Syed Kaleel <SyedmoKaleel212@gmail.com>
Subject: Accountant with Experience
Attachment: Syed Kaleel CV.zip (contains "chibyke11.exe")

MassLogger SMTP exfil server:
mail.hkoffice365.com:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
78
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Artemis0194C548A530.28501.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/70b9faab5ed08bb8a13fd31713c698e18ca4f504055deae086ab1a9bf7007b47/
Threat name:
Win32.Infostealer.Fareit
Create hunting rule
Status:
Malicious
First seen:
2020-10-28 06:32:26 UTC
AV detection:
16 of 48 (33.33%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=oc47vk262cf3rij72mlrhruy4ggkj5ieavo6vyegvmnjx5yapndq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 70b9faab5ed08bb8a13fd31713c698e18ca4f504055deae086ab1a9bf7007b47

(this sample)

MassLogger

Executable exe 1bdf22fa4a18737b696478210fe7a4eaf65fa8d1efffc82c675bd23efa8b938b

  
Dropping
MD5 3c218b558b3074a2c0bae6564dc36a08
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 1bdf22fa4a18737b696478210fe7a4eaf65fa8d1efffc82c675bd23efa8b938b

Comments