MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8fdad262de11acd730ea4e888362d0b16fdada31a31afe05688b12d928789f34. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8fdad262de11acd730ea4e888362d0b16fdada31a31afe05688b12d928789f34
SHA3-384 hash: b11e47ce7d105c65d9ba241a15d14c67343a283693202a1859c051f68de2d9e4a9653f88d6ff11cb2b0cd7e0dc4065d3
SHA1 hash: c370c9673fbe01ba05b45e473a739364d3a7acdf
MD5 hash: a26bcb61e89a45cedc57be78516be09e
humanhash: fruit-nineteen-burger-stairway
File name:SKMBT_L375735828976.pdf.r00
Download: download sample
Signature MassLogger
Create hunting rule
File size:697'847 bytes
First seen:2020-11-10 07:40:19 UTC
Last seen:Never
File type: r00
MIME type:application/x-rar
ssdeep 12288:YsIFJunyN9pGqwdoAb93nr59n0Z0OiWDuWkuEwcJge0z6Kddit:YnJ4S9YqS1bNFRo5iWDuWk0+06Gc
TLSH 36E4237F37670726C223F9A0F5AD7A4A80F608C86AD0B4368A24DFAC59457CFC921707
Reporter abuse_ch
Tags:MassLogger r00


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: server.teknofirst.com
Sending IP: 185.171.90.167
From: Hareesh Dharmapuri <info@incidences.fr>
Subject: BID: New Supplier Details
Attachment: SKMBT_L375735828976.pdf.r00 (contains "SKMBT_L375735828976.pdf.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
46
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/8fdad262de11acd730ea4e888362d0b16fdada31a31afe05688b12d928789f34/
Threat name:
Win32.Trojan.Wacatac
Create hunting rule
Status:
Malicious
First seen:
2020-11-09 23:22:41 UTC
AV detection:
6 of 47 (12.77%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=r7nneyw6cgwnomhkj2eigywqwfx5vwrrumnp4blirmjnskdyt42a._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

r00 8fdad262de11acd730ea4e888362d0b16fdada31a31afe05688b12d928789f34

(this sample)

MassLogger

Executable exe 04a3cf2c1316b5dd21365ac36bc970cc9b28514d42d41712c783345e07a99a07

  
Dropping
MD5 e9cc2acb602d345d7ccaaabcdc16ba1d
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 04a3cf2c1316b5dd21365ac36bc970cc9b28514d42d41712c783345e07a99a07

Comments