MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7c0952969be65a403e871343e4f5bfa156e54d97d86d6aa0e7a5f6a8d3bad422. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Matiex


Vendor detections: 4



SHA256 hash: 7c0952969be65a403e871343e4f5bfa156e54d97d86d6aa0e7a5f6a8d3bad422
SHA3-384 hash: 02d5a408a5f4b9a612f32b8f6b62bdf805ea19a04063e923ba2087e5ada57fbda912681c0a16b325e186d2fda187d724
SHA1 hash: 13150625e7f5c342b1b0660f10a88464a76a22a6
MD5 hash: 2f0b55b6bdbf2bd58c47ef5dda81e6a9
humanhash: summer-undress-black-march
File name: purchase.img
Signature: Matiex
File size: 598'016 bytes
First seen: 2020-12-21 07:40:17 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 6144:iSaJmcZInw0a5w15RMtVwEwsPgQgUO7MiQvLcjwxvHVZ0y1UCgVYM:sHCnbz5mrrCUO7vQbx/f0ymCuYM
TLSH: 04D49F3F55C9EE1BE235CF7670DAE88B26B23B370C6A040DE9B83265AE635049471753
Reporter: abuse_ch
Tags: img Matiex


abuse_ch
Malspam distributing Matiex:

HELO: vEdge-AC1.cox.com
Sending IP: 174.67.93.94
From: Stephens Franklin <info@cox.com>
Subject: Purchase Order
Attachment: purchase.img (contains "purchase.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 144
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: MALICIOUS
Threat name: Win32.Trojan.Generic
Status: Suspicious
First seen: 2020-12-21 04:13:35 UTC
AV detection: 15 of 29 (51.72%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

img 7c0952969be65a403e871343e4f5bfa156e54d97d86d6aa0e7a5f6a8d3bad422 (this sample)

Dropping: Matiex
Delivery method: Distributed via e-mail attachment
