MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8b89f4df41360c5069599c46d83a596a10f664eda83a87ac764c75efd38861f9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 4



SHA256 hash: 8b89f4df41360c5069599c46d83a596a10f664eda83a87ac764c75efd38861f9
SHA3-384 hash: 42759319d85363f67dd74a964949d4206a5071e61a820dae19d323046315f4b3fdd1d4ac6e61d0a94c569779ec29d597
SHA1 hash: 831c7a8af5479e6bda82acbd51dd9689ee8870a8
MD5 hash: 4084a36e38dc6eb61ba4afb07755805f
humanhash: alanine-eight-summer-india
File name: 14b988e6a5deeb13587e5008679b56a0
Signature: MassLogger
File size: 712'192 bytes
First seen: 2020-11-17 12:35:31 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: 34ec234718f5f3a61f897452f4780c35 (2 x AgentTesla, 2 x Formbook, 2 x MassLogger)
ssdeep: 12288:YmUzHEEX69/gtnouecR/3rJv74F+wkFwVgqVSc5feBK9PGEYqXIME9kkCORXTeWP:iHntnogRdvEk1RcoGGAYM0X6g1n
TLSH: 18E412247551C0B3E4670A3500DC9531DA39FC365FE16C4BA3DA332AAEB63D18B69E63
Reporter: seifreed
Tags: MassLogger

Intelligence


File Origin
# of uploads: 1
# of downloads: 71
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a file in the %temp% subdirectories
Creating a file
Running batch commands
Launching a process
Using the Windows Management Instrumentation requests
Unauthorized injection to a system process
Enabling autorun by creating a file
Threat name: Win32.Trojan.Strictor
Status: Malicious
First seen: 2020-11-17 12:39:14 UTC
AV detection: 25 of 28 (89.29%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Unpacked files
SHA256 hash: 8b89f4df41360c5069599c46d83a596a10f664eda83a87ac764c75efd38861f9
MD5 hash: 4084a36e38dc6eb61ba4afb07755805f
SHA1 hash: 831c7a8af5479e6bda82acbd51dd9689ee8870a8

SHA256 hash: 6dd1eac2a9acbab22d96c00403269f6144b9a13908a2845276e0365c1e90d144
MD5 hash: 87c4d24048ee1d40b52b029dca65520a
SHA1 hash: d40002b80e37108b933caeb537fcf6f9cf9a430c
Detections: win_masslogger_w0
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Other
