MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9857ec3dabbd00c91463b3c16e08efaf7e5f96602b7fc81b45c674dc79574b8a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Matiex


Vendor detections: 4



SHA256 hash: 9857ec3dabbd00c91463b3c16e08efaf7e5f96602b7fc81b45c674dc79574b8a
SHA3-384 hash: 08bb26cb4e93798ac6a8fade9f5438158a6fdf4ce51f13116cdbcd6df0c8547e091feb89aca2e261f9d40e7504e64371
SHA1 hash: f32af0c2b740f83f8444ce484121901b580b86bd
MD5 hash: dabd4a359c17dc1de967665cfcda127a
humanhash: september-cat-friend-shade
File name: Midal_MT103 Swift_007893421.img
Signature: Matiex
File size: 1'572'864 bytes
First seen: 2020-10-15 10:35:25 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 24576:y2uLH8bZis/zCuQkaYYGIwS9eSsRUmNC9UqM:KHSis/z4AtIwEeSsRU57M
TLSH: 9C756986E2C77D2DDE78C2721A128E652FF03EB60570D2186DC47ECBC6913966716C8E
Reporter: abuse_ch
Tags: img, Matiex


abuse_ch
Malspam distributing unidentified malware:

HELO: jax4mhfb03.myregisteredsite.com
Sending IP: 64.69.218.96
From: orders <orders@echoproducts.com>
Reply-To: orders <orders@echoproducts.com>
Subject: Fwd: Midal_MT103 Swift Payment Confirmation #00789342
Attachment: Midal_MT103 Swift_007893421.img (contains "Midal_MT103 Swift_#007893421.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 80
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Hacktool.Mimikatz
Status: Malicious
First seen: 2020-10-14 10:52:48 UTC
AV detection: 21 of 48 (43.75%)
Threat level: 1/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

img 9857ec3dabbd00c91463b3c16e08efaf7e5f96602b7fc81b45c674dc79574b8a (this sample)

Delivery method: Distributed via e-mail attachment

Comments