MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 83a3f0289424780105b2bfade0d0f4217e8709a9f84db9a5d79b5a552c3fe301. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 2

Intelligence 2 IOCs YARA File information Comments

SHA256 hash:	83a3f0289424780105b2bfade0d0f4217e8709a9f84db9a5d79b5a552c3fe301
SHA3-384 hash:	ffc3999cec678bb2f8833b10970ad9ef3455a9f2aab099dc1ece5cd3463177f55c5f6be1c054612a4836da6f2973b114
SHA1 hash:	0f31b4f7e08322cc9a07c7ebab210bc6ca2eafac
MD5 hash:	bd7e788d058ff9f4e5f4294cd05e6ad2
humanhash:	delaware-equal-virginia-potato
File name:	RFQ_26102020-00091928762.zip
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	671'166 bytes
First seen:	2020-10-27 08:55:14 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	12288:yE9mMzKAVRDKeyvz9gYYg779l17JFwcxe0E7nMiHcBVLhgqcDnE+TYZiCPgydIWj:79mAvKerm7NJFwbDZs+/LE+TkicGWj
TLSH	CDE423837615C9E79B7563F22CFF94071603BF22966B6CCF7A4CF824A00A86DD645326
Reporter	abuse_ch
Tags:	MassLogger zip

abuse_ch

Malspam distributing MassLogger:

HELO: viettelidc.com.vn
Sending IP: 103.1.208.228
From: hongquan@paragon.com.vn
Subject: REQUEST FOR QUOTATION
Attachment: RFQ_26102020-00091928762.zip (contains "RFQ_26102020.exe")

MassLogger SMTP exfil server:
mail.ladophar.com.vn:587