MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a856e5350e746c93706bb1ab5ea9ecf205fa1ac10c4363a248cd8b9ef456e66c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	a856e5350e746c93706bb1ab5ea9ecf205fa1ac10c4363a248cd8b9ef456e66c
SHA3-384 hash:	e8e4e6bdc52573c6f5a7a39df1d1398077ab2a418a92e3a3d93d7c440f7b9078fd90b9bc3258dbdd33fa5ea34498f273
SHA1 hash:	c09f78352b5c75babf80eee33b0bb23403ea5da1
MD5 hash:	6ca3db45bf4a118df5ede9f6cf474733
humanhash:	papa-uranus-oxygen-red
File name:	Order inquiry skmt042.zip
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	864'973 bytes
First seen:	2020-08-05 08:26:21 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	24576:ueZn/1n9cXe+5MLZ4+9P0Hmix2SSr9QX64dXjnCubOoM9cjT9k:LZnh9c5yuminqaCuKRmTK
TLSH	1C0533BDBD55ECB2D38AB1628630F766DCF370F03A6AA08F7731AF551204189C9E1099
Reporter	abuse_ch
Tags:	MassLogger zip

abuse_ch

Malspam distributing unidentified malware:

HELO: imsantv22.netvigator.com
Sending IP: 210.87.247.10
From: Jennifer Yones <market002@biznetvigator.com>
Subject: QUOTE YOUR BEST ROCK BOTTOM PRICE ON FOB YOUR NEAREST PORT BASIS IN US$ AT YOUR EARLIEST.
Attachment: Order inquiry skmt042.zip (contains "Order inquiry skmt042.exe")