MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a9f6f4a036a29fa164f0f74cef5fb57171ad599e04ec25b02a78c59cdcdecdd3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a9f6f4a036a29fa164f0f74cef5fb57171ad599e04ec25b02a78c59cdcdecdd3
SHA3-384 hash: a164bda70fa5c99285132aa7be77b283becee0545ba0c712767e5c22f862516fecfb93acb221b975956bf2dee57a1039
SHA1 hash: 02eaa6af47414a82d733372e540dc41157bb59a4
MD5 hash: d7b54b65df1fdbcc8dabdb642e3d6110
humanhash: october-hawaii-iowa-blossom
File name:4797508E2-20F2-42C-879A-1C35.rar
Download: download sample
Signature Matiex
Create hunting rule
File size:221'585 bytes
First seen:2020-10-19 10:31:56 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 6144:3Vo1u90o7yEGVIkTvbbD6ak3sHIr3tfl5DfgAW1Ubg:SQIfVpTyL8HIbt/820
TLSH 532423E06E70C13C2355AA24368F3A477C29F817E1A375ABB36B5403F5FD641AA43571
Reporter abuse_ch
Tags:geo Halkbank Matiex rar TUR


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: server.elmasgrafik.com
Sending IP: 185.48.182.122
From: financierocvc@gmail.com
Reply-To: halkbank.e-ekstre@halkbank.com.tr
Subject: DEKONT
Attachment: 4797508E2-20F2-42C-879A-1C35.rar (contains "4797508E2-20F2-42C-879A-1C35.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
100
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a9f6f4a036a29fa164f0f74cef5fb57171ad599e04ec25b02a78c59cdcdecdd3/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=vh3pjibwukp2czhq65go6x5vofy22wm6atwclmbkpdczzxg6zxjq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/a9f6f4a036a29fa164f0f74cef5fb57171ad599e04ec25b02a78c59cdcdecdd3

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip a9f6f4a036a29fa164f0f74cef5fb57171ad599e04ec25b02a78c59cdcdecdd3

(this sample)

Matiex

Executable exe bc3d62c45c60396f1896ca688f72acc91af5412bedd3d1c7ec3f6b1e3891f198

  
Dropping
MD5 6a44a7c90b737edd4143bd8332a61f11
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 bc3d62c45c60396f1896ca688f72acc91af5412bedd3d1c7ec3f6b1e3891f198

Comments