MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8aabd4b77ee880561cb9ef2566fdb5e4d142fa96557d90d5937711be278dd7ce. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8aabd4b77ee880561cb9ef2566fdb5e4d142fa96557d90d5937711be278dd7ce
SHA3-384 hash: fa78669ddb2c8519209cbf3f70e1f1e70964ab1d536de65f1ebdbee701c04da3637cdc0e42aa43bd9d65d29dd08b3d3a
SHA1 hash: cd6a17d9eeef1cf35e2571277e9626a4e0433a1e
MD5 hash: d6aff58af5ef023bf657dfd63bbf7d7b
humanhash: alanine-orange-montana-wisconsin
File name:2fU7B4sloWV3F5v.zip
Download: download sample
Signature Matiex
Create hunting rule
File size:357'896 bytes
First seen:2020-11-09 19:34:20 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 6144:3hZ2dYhP2FTP8YGlSwsfgDrdW+6GbmoUK8yqyT2OipV9xN:RwdGzlDsfrbGbbUyqo2FptN
TLSH 1B7423FBD29F64E0C06AC070147C43930111A6097BBA2E279AD5F777B6318E1645BEFA
Reporter abuse_ch
Tags:Matiex zip


Avatar
abuse_ch
Malspam distributing Matiex:

HELO: host.etrade.kiev.ua
Sending IP: 185.203.241.24
From: Abduallah, Moataz <frolova@etrade.kiev.ua>
Reply-To: ikrns999@gmail.com
Subject: PO No. 5210102359 / Consulta
Attachment: 2fU7B4sloWV3F5v.zip (contains "2fU7B4sloWV3F5v.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
84
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.BackDoor.SpyBotNET.25.24636.7895.UNOFFICIAL
Create hunting rule

Result
Verdict:
SUSPICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8aabd4b77ee880561cb9ef2566fdb5e4d142fa96557d90d5937711be278dd7ce/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-11-09 17:21:28 UTC
AV detection:
6 of 48 (12.50%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=rkv5jn365cafmhfz54swn7nv4tiuf6uwkv6zbvmto4i34j4n27ha._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip 8aabd4b77ee880561cb9ef2566fdb5e4d142fa96557d90d5937711be278dd7ce

(this sample)

Matiex

Executable exe 93d92806cff2c0d375bf2fcc33e9c6ebb1697fefa8f25a7d481a639b8159da2d

  
Dropping
MD5 98cbcb6eead61f735a911adf161a3097
  
Dropping
Matiex
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 93d92806cff2c0d375bf2fcc33e9c6ebb1697fefa8f25a7d481a639b8159da2d

Comments