MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 77305217889104a028754ea1fb51c2e9e33eeb5f1f8a0528833273381c1a65e3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 77305217889104a028754ea1fb51c2e9e33eeb5f1f8a0528833273381c1a65e3
SHA3-384 hash: d56fdef614d5687f2f39ea8bf77fa1e9caa925864c8a98251d5e0674fa1b771ca11cd4a17b976d9cc5313fa8336a916c
SHA1 hash: 0e1a6a5d93528f80d534e7ddb30f5943dc073b81
MD5 hash: 5bfa5afc57010261488cf00d4f9ea814
humanhash: salami-diet-speaker-lion
File name:Delivery Note Awd 2425627272-288367383.gz
Download: download sample
Signature MassLogger
Create hunting rule
File size:1'077'661 bytes
First seen:2020-11-06 17:41:13 UTC
Last seen:Never
File type: gz
MIME type:application/gzip
ssdeep 24576:CekFFqh141PAdfm6CA0OtTZbaWbUCXbvzGBLmwuvJwbdoH:v41PefbCryb/b5XbyyJWiH
TLSH CB3533D81BFE40C8D74A421DF0CB0C59B16BA224726D6C5B2664D3E1098F8E797F79CA
Reporter abuse_ch
Tags:DHL gz MassLogger


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: auth7.cpanel.net
Sending IP: 185.162.146.30
From: DHL Express <katewright_dhl@gmail.com>
Subject: Failed DHL Delivery Notification
Attachment: Delivery Note Awd 2425627272-288367383.gz (contains "Delivery Note Awd 2425627272-288367383.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
122
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.Packed2.42665.22918.9495.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/77305217889104a028754ea1fb51c2e9e33eeb5f1f8a0528833273381c1a65e3/
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Create hunting rule
Status:
Malicious
First seen:
2020-11-06 13:17:49 UTC
AV detection:
12 of 48 (25.00%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=o4yfef4iseckakdvj2q7wuoc5hrt5227d6fakkedgjztqha2mxrq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

gz 77305217889104a028754ea1fb51c2e9e33eeb5f1f8a0528833273381c1a65e3

(this sample)

MassLogger

Executable exe 9b42273e757d2cd6b0861aa1a06f32f4f8e6882deaa65167e0068c38845b0cd2

  
Dropping
MD5 a6fe3e43af52fe99b18a607a36d49d5b
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 9b42273e757d2cd6b0861aa1a06f32f4f8e6882deaa65167e0068c38845b0cd2

Comments