MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 77105623676f77a5ecc6c88d65d0c23793969b03b45d4d24dc11ac706552e504. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 3 Yara Comments

SHA256 hash: 77105623676f77a5ecc6c88d65d0c23793969b03b45d4d24dc11ac706552e504
SHA1 hash: e0f42094eaabffd36242cc74bf6da042d7d89dc8
MD5 hash: c42d141d2a0104b7b725a26fa811da2f
File name:Payment Copy.exe
Download: download sample
Signature MassLogger
File size:782'336 bytes
First seen:2020-05-22 15:01:58 UTC
Last seen:2020-05-22 15:48:40 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep 12288:BfcsBfGR+KjIpuC7vQOKCKtawGBpmNUgxdmZnvdxjV:BfnsjcuCbBTKbGSyn9vLR
TLSH 48F41246AE354771CC3487F215B1092067B68BD9158FC35D1E8029FA1C67F1A2AA2BBF
Reporter @abuse_ch
Tags:exe MassLogger

Malspam distributing MassLogger:

Sending IP:
From: Rabih <>
Reply-To: Rabih <>
Subject: Payment Copy.
Attachment: Payment (contains "Payment Copy.exe")

MassLogger SMTP exfil server:


Mail intelligence
Trap location Impact
Global Low
# of uploads 2
# of downloads 30
Origin country US US
VirusTotal:Virustotal results 30.00%
ReversingLabs :No data

File information

The table below shows additional information about this malware sample such as delivery method and external references.



Executable exe 77105623676f77a5ecc6c88d65d0c23793969b03b45d4d24dc11ac706552e504

(this sample)

Delivery method
Distributed via e-mail attachment