MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a376f14c6e716b2bdc12428df2b0f96e8e1f16b5944d2186bb634b63fc4193d5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: a376f14c6e716b2bdc12428df2b0f96e8e1f16b5944d2186bb634b63fc4193d5
SHA3-384 hash: 61f072eb0730f41f18ccc7742156f970e7ca69dec1365ea03a548dae0aca89c18109f9cc3a13a4d153b1706cd2c62c9f
SHA1 hash: 9d0cbaff3007a51a41c2bf8c77e93d7643005349
MD5 hash: 8de302bd4bcd86ee31d9e12d93ba8eaa
humanhash: earth-steak-four-asparagus
File name: CardFinans 2020 Kasım ayı ekstreniz..rar
Signature: MassLogger
File size: 1'193'469 bytes
First seen: 2020-11-07 10:13:31 UTC
Last seen: Never
File type: rar
MIME type: application/x-rar
ssdeep: 24576:NVS1Foky4IKEq1Ixh7e0m5MKSNZTsWzqY6o5p/l7VEWhNOfL:NVSaUEtxh7eN5WTsWrtpV5XK
TLSH: 0D4533E844E5602AD50038A92E234F9E52DF971D24DF73EB3F231576E6A4A6FE04384D
Reporter: abuse_ch
Tags: geo MassLogger rar TUR


abuse_ch
Malspam distributing unidentified malware:

HELO: server.inventapart.com
Sending IP: 104.152.108.91
From: eekstre@eekstre.qnbfinansbank.com <support@getquickfood.com>
Subject: CardFinans 2020 Kasım ayı ekstreniz.
Attachment: CardFinans 2020 Kasım ayı ekstreniz..rar (contains "CardFinans 2020 Kasım ayı ekstreniz..exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 89
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Spyware.Noon
Status: Malicious
First seen: 2020-11-07 02:26:17 UTC
AV detection: 11 of 48 (22.92%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar a376f14c6e716b2bdc12428df2b0f96e8e1f16b5944d2186bb634b63fc4193d5 (this sample)

Delivery method: Distributed via e-mail attachment
