MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7c45c5ffaeb697da39489e3a6ff6945aa3f8ca737f5a278c435646e7a8602767. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: 7c45c5ffaeb697da39489e3a6ff6945aa3f8ca737f5a278c435646e7a8602767
SHA3-384 hash: f8b9f261471eae4907c6167ec4b6f6b1e8349bf019e4defe128a43fab20836b586d8eeb27c15fb001e38c63b2d049884
SHA1 hash: 5c1cd215766875eefc856d989904201c782c7dc0
MD5 hash: fa08d221c58041897bd9ec1b808e423c
humanhash: green-mango-juliet-eighteen
File name: Document_028472.zip
Signature: MassLogger
File size: 875'646 bytes
First seen: 2020-06-08 12:52:33 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 12288:7EOalj6aVymyzQSpPVNmTkSMi8fVLO6HylJgoynwOU1nwiGey7awQStfDARwo:7yj6aDS/NCMXJvHkJ3NwiLmawQNRwo
TLSH: 0A1533429BC257A5B67775D61BBE36294B08DA4C88CFA4BFF8C23A65D320E054449FF0
Reporter: abuse_ch
Tags: MassLogger zip


abuse_ch
Malspam distributing MassLogger:

HELO: hessco.com
Sending IP: 37.49.224.210
From: Arunkumar.k <arun.kumar@hessco.com>
Subject: HESSCO RFQ_61008062020
Attachment: Document_028472.zip (contains "Document_028472.exe")

MassLogger SMTP exfil server:
mail.privateemail.com:587

Intelligence


File Origin
# of uploads: 1
# of downloads: 61
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-06-08 12:54:04 UTC
AV detection: 23 of 48 (47.92%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 7c45c5ffaeb697da39489e3a6ff6945aa3f8ca737f5a278c435646e7a8602767 (this sample)

Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
