MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 7f4486e5dfa4063c160a1e0d2d8092fc874f73f602c1b033d9a77ad751957471. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: 7f4486e5dfa4063c160a1e0d2d8092fc874f73f602c1b033d9a77ad751957471
SHA3-384 hash: 03599c859865173bf50cdbc0921aab08de7b844122b0759b475927a039efe888c78cc2196247254a1d37547e2e727088
SHA1 hash: 5f4b896ab72de07d81cf191b2c1c09fccc0c535b
MD5 hash: c21afaff8f94bbaf4b9b563fd53310aa
humanhash: bluebird-social-august-batman
File name: 要求報價; OREL-20V-0221-土耳其.zip
Signature: MassLogger
File size: 767'583 bytes
First seen: 2020-11-19 06:57:12 UTC
Last seen: Never
File type: zip
MIME type: application/x-rar
ssdeep: 12288:QuuG18EEwyjwyZt1sYlKt+zpuOLu2LeFxuNLNj7czYqC5nsMP4fEI+b:Qu18fRBz1st2xyDuXj7SfEI+b
TLSH: 32F423BE2FB8639ACC050B5C9D62C22D5C924F51BEBC4E6CD0A5BD1141A4F773AA9730
Reporter: abuse_ch
Tags: CHN geo zip


abuse_ch
Malspam distributing unidentified malware:

HELO: proje.mertbilisim.net
Sending IP: 85.95.240.168
From: manager1@denimtech.com.tr
Subject: 要求報價; OREL-20V-0221-土耳其
Attachment: 要求報價; OREL-20V-0221-土耳其.zip (contains "要求報價; OREL-20V-0221-土耳其.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 88
Origin country: n/a

Vendor Threat Intelligence
Result: Gathering data
Threat name: Win32.Trojan.BMassKeyLogger
Status: Malicious
First seen: 2020-11-19 06:58:05 UTC
AV detection: 17 of 29 (58.62%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 7f4486e5dfa4063c160a1e0d2d8092fc874f73f602c1b033d9a77ad751957471 (this sample)

Delivery method: Distributed via e-mail attachment
