MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7b8f89962199f5cb6a1e50c624af54ea0970f7ee8cb4ca0b71eba584c7f0f1e5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 7b8f89962199f5cb6a1e50c624af54ea0970f7ee8cb4ca0b71eba584c7f0f1e5
SHA3-384 hash: a9739dd45d71a271c2d2603ab61260c4e0bb8a4e7cc25de3f0c8c0e5c007e54e5b49ee49402b615dda9aae5342eb539f
SHA1 hash: b2e4b28675ec70ad2c32447d9f852355bb6f46f6
MD5 hash: b7f4cec37eec991f99147e7563036a55
humanhash: july-sweet-network-neptune
File name:Order Item list With Samples.zip
Download: download sample
Signature MassLogger
Create hunting rule
File size:865'411 bytes
First seen:2020-10-28 08:13:26 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 12288:RH4RlW9A4dfQDRMBDGhWpZ4SJiTUo60wtdPGphKzG1ZJcW0OieZY5kD8KN5T5f:RYC5hy6DYSJZldPEeG1ZJcONYiBN55f
TLSH 9C053382DA8019B09114D1B8B17F073EE14C9F33CE3D9539EAC8BA639916E35D36426F
Reporter abuse_ch
Tags:MassLogger zip


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: mailsnd1.chol.com
Sending IP: 203.252.1.138
From: 장선옥 <jeongwon1@chol.com>
Subject: Price Inquiry
Attachment: Order Item list With Samples.zip (contains "Order Item list With Samples.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
80
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Malware.23990.ZipHeur.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/7b8f89962199f5cb6a1e50c624af54ea0970f7ee8cb4ca0b71eba584c7f0f1e5/
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Create hunting rule
Status:
Malicious
First seen:
2020-10-27 23:44:19 UTC
AV detection:
20 of 29 (68.97%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=pohytfrbth24w2q6kddcjl2u5iexb57ors2muc3r5osyjr7q6hsq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 7b8f89962199f5cb6a1e50c624af54ea0970f7ee8cb4ca0b71eba584c7f0f1e5

(this sample)

MassLogger

Executable exe c82f95325307d64b524bae80ff2cdc3e5db082842f2148de16d8c3e9ffc66773

  
Dropping
MD5 e5631d010f22580deada6cd6a32cac23
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 c82f95325307d64b524bae80ff2cdc3e5db082842f2148de16d8c3e9ffc66773

Comments