MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8da21e4a6c97fdcd262ca3743ffc037cff33b707080af49165f75a23cfe335ac. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8da21e4a6c97fdcd262ca3743ffc037cff33b707080af49165f75a23cfe335ac
SHA3-384 hash: 0c8868c5a6716e3f335e3465a1e2194f885ee755d5f39fe38f20803a6094e80c50dc1b09bcbd005e5867aef69b18cd5c
SHA1 hash: 69893acd719102c796161e139bfb55800cd5f8ed
MD5 hash: bd9f6a1f1cb1991437bb44e954922fa7
humanhash: pizza-idaho-bulldog-hot
File name:TNT Document.rar
Download: download sample
Signature MassLogger
Create hunting rule
File size:818'518 bytes
First seen:2020-06-16 11:36:05 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:nAJ9Qy7vipzr0dt8T3PQ3MKSp2J3COqCqASrLR/Z7lty/qasHfnVu5uv1x8Y/kg3:49F7vJr8TY8LYCFhASrLdbtMs/nVESl3
TLSH 0F0533822B36BDB1CD028EFD713D2996B5621E25FBC1D436C799D080A8CB1D9C57B889
Reporter abuse_ch
Tags:MassLogger rar TNT


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: tnt.com
Sending IP: 37.49.224.134
From: TNT Express <canan.dag@tnt.com>
Subject: TNT Konsimentosu 751763403
Attachment: TNT Document.rar (contains "TNT Document.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
63
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-06-16 11:38:05 UTC
AV detection:
16 of 31 (51.61%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=rwrb4stms7642jrmun2d77adpt7thnyhbafpjelf65ncht7dgwwa._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar 8da21e4a6c97fdcd262ca3743ffc037cff33b707080af49165f75a23cfe335ac

(this sample)

MassLogger

Executable exe 033cccd5c1d6affd3269077550ba942b144fe64092c83e8c1a70ab06468206a7

  
Dropping
MD5 084eb0322996bef8b1245c3c886d574d
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 033cccd5c1d6affd3269077550ba942b144fe64092c83e8c1a70ab06468206a7

Comments