MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 960530127d1e93a39d2515381374892a2d508275aec3b4b61d1444290faac2b6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Loki

Vendor detections: 2

Intelligence 2 IOCs YARA File information Comments

SHA256 hash:	960530127d1e93a39d2515381374892a2d508275aec3b4b61d1444290faac2b6
SHA3-384 hash:	d80338fa29d29d7ba5b5cd69badb1e12e1cc0969d5c211248245aac5105611f4e4c85e4bcfd62ee8f89dcce5443cd264
SHA1 hash:	bc78717220187405a719fb1503d600666c8d994c
MD5 hash:	84c51be6620fbff9a27e0164b84ad368
humanhash:	twelve-fruit-uncle-quebec
File name:	ORDER.zip
Download:	download sample
Signature	Loki Create hunting rule
File size:	214'075 bytes
First seen:	2020-06-25 05:32:41 UTC
Last seen:	2020-06-25 06:50:31 UTC
File type:	zip
MIME type:	application/zip
ssdeep	6144:2IqyvjLZkfDWRPOuwRySOjbQWB2N8sDi12yI:2IqyvjLZkfS0fRyScbQw8sY
TLSH	50242346FA953269F0FB62D3EFC58240036CEC6981D985334099ED64138E7CB4376BAB
Reporter	cocaman
Tags:	Loki zip

cocaman

Malicious email
From: Aamer Al Qureshi<JohnS@Mashreqbank.com>
Received: from Mashreqbank.com (unknown [185.222.58.113])
Date: 24 Jun 2020 22:14:28 -0700
Subject: RECEIVABLE ORDER
Attachment: ORDER.zip