MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a6c1e44de59c65df02ffd162f73db244173679bfdd4e8164bada4cc55ac596c7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a6c1e44de59c65df02ffd162f73db244173679bfdd4e8164bada4cc55ac596c7
SHA3-384 hash: f2de77d84589308d79b7bf0f8634cad0e9b2efa92744c477a867f046fdcb5cf7d47d6d18bf777f4d1d3c46e5339ebcc0
SHA1 hash: 468d5e81490cb8e02afd95dbefb37bba672f330c
MD5 hash: d00553489b213f6672702e555aaa4876
humanhash: august-king-monkey-coffee
File name:mat.exe
Download: download sample
Signature Matiex
Create hunting rule
File size:79'428 bytes
First seen:2020-07-31 16:33:43 UTC
Last seen:2020-07-31 17:40:50 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744 (48'742 x AgentTesla, 19'607 x Formbook, 12'242 x SnakeKeylogger)
ssdeep 1536:58P2LsdEjC4r7LDFP1kPkaukDCg4HxpRF15ROYNSVDlXdzNPl6VLB7lDJjFExLBK:580CEZr7N1kPk7kDaRpRF15RNNSVDlXA
Threatray 61 similar samples on MalwareBazaar
TLSH AA73D5FE23878535CADE8BFD4AE0925FE3F8F2454457EE4B3D46509A0C9660C02866E7
Reporter James_inthe_box
Tags:exe Matiex

Intelligence

File Origin
# of uploads :
2
# of downloads :
111
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/36625/
Detection(s):
SecuriteInfo.com.Generic.mg.d00553489b213f66.16992.UNOFFICIAL
Create hunting rule

Result
Threat name:
Matiex
Create hunting rule
Detection:
malicious
Classification:
troj
Score:
52 / 100
Link:
https://www.joesandbox.com/analysis/406410
Signature
Machine Learning detection for sample
Yara detected Matiex Keylogger
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a6c1e44de59c65df02ffd162f73db244173679bfdd4e8164bada4cc55ac596c7/
Threat name:
ByteCode-MSIL.Trojan.Malrep
Create hunting rule
Status:
Malicious
First seen:
2020-07-31 16:33:37 UTC
File Type:
PE (.Net Exe)
Extracted files:
2
AV detection:
27 of 48 (56.25%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=u3a6itpftrs56ax72frpopnsiqltm6n73vhiczf23jgmkwwfs3dq._file
Verdict:
malicious
Label(s):
hawkeyekeylogger
Create hunting rule
Similar samples:
39d7474b63ada6e1a6d60bf32680e06a5265f88439942a37f8be3f668b78c2b2
Matiex
4ce8d212b9b2f3d74d6b4fcaa3f696a232355632fec07e65d5c84e7aecbb77b7
Matiex
4d9b89978e6ca9cf14cb1f04859e01e66c1e0dbefedd1663617647535c0b3fa0
Matiex
6a0a4894127b64d80992079cbcce8ab2b6998e65ac8dca03259697db83dc9332
Matiex
7b8737c1334e0ed07632ae06bf455a47ca63ed00b8dc3633d09b028c91868405
Matiex
8480058fc20ebfef47d1ebccbb54b88f656715b99c2d4e80ad46b05906ff4dbe
Matiex
ab1da8377cc00a708cb0430c6c1ab1963a3a6866534b1b515c409925d660ae56
Matiex
baf6a75e20150f7383f636a2a41241dd6f5a1fcfbfec13944ebd8e02479123ee
Matiex
c755cbe34fdad2ee86d4c6226d040ea111489e468df67a70c32cb890d1ed90ac
Matiex
ccedefbb232fd22909bc7b342fe7d3c1e0551b149a0b2e392a23030ceef1814e
Matiex
+ 51 additional samples on MalwareBazaar
Result
Malware family:
n/a
Score:
  7/10
Tags:
spyware
Link:
https://tria.ge/reports/200731-phs9sz8xe6/
Behaviour
Reads user/profile data of web browsers
Reads user/profile data of local email clients
Reads user/profile data of web browsers
Reads user/profile data of local email clients
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/a6c1e44de59c65df02ffd162f73db244173679bfdd4e8164bada4cc55ac596c7

File information

The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other
Cape
Cape
https://www.capesandbox.com/analysis/36625/

Comments