MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 81be7092464217c3f6d3ad926648b171526288c02ef0414d0f624246418f4fd7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 81be7092464217c3f6d3ad926648b171526288c02ef0414d0f624246418f4fd7
SHA1 hash: 80e446a034b5f6f93e14e90405417e3f0e448261
MD5 hash: 1c75fe5b6afe6668832594bec20b1ace
File name: RFQ NO. 4400008663.zip
Signature: MassLogger
File size: 703'276 bytes
First seen: 2020-05-23 11:45:46 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 12288:g2iGuXCBvkmNd9U/EJ2GVLu+29SZ08v3mLBkq6u9DJM5wsugxwfthhB:g1GHvkoM/UVaY0Sm1Vf9DJM58gKVhhB
TLSH: 12E42353C2B6489E9B0C9B8C2B6FEE17B09CA20359D743C22F51562D76160E63EF4692
Reporter: @abuse_ch
Tags: MassLogger, zip


Twitter
@abuse_ch
Malspam distributing MassLogger:

HELO: 77-72-3-56.hosted-at.kloud.co.uk
Sending IP: 77.72.3.56
From: M. Prabahkar Rao, Chairman, NSL Group <rabih@emirates.net.ae>
Reply-To: me <rabih@emirates.net.ae>
Subject: PROJECT DRAFT - Enquiry - 4400008663
Attachment: RFQ NO. 4400008663.zip (contains "RFQ NO. 4400008663.exe")

Intelligence


Mail intelligence
Trap location: Global
Impact: High
# of uploads: 1
# of downloads: 20
Origin country: US
ClamAV: SecuriteInfo.com.Trojan.PWS.Siggen2.49255.5135.4625.UNOFFICIAL
VirusTotal: Virustotal results 18.18%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip 81be7092464217c3f6d3ad926648b171526288c02ef0414d0f624246418f4fd7

(this sample)

  
Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
