MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 aac74ca65aefeb01f32cc70bdee5e2219c3b46acc59e35be299f29462eeacc10. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: aac74ca65aefeb01f32cc70bdee5e2219c3b46acc59e35be299f29462eeacc10
SHA3-384 hash: aba726abea9961020d24c288b10d29bc9168c7c249c1743a4ef0e9f50e7ed9cab0818e516bc7a3939e632416262c1d14
SHA1 hash: f9f26c946a80e436fe8356c7af5826a7e2b3fdef
MD5 hash: a6b68f468725f24aa72cee453fe1bdb5
humanhash: table-venus-nitrogen-september
File name:doc2635648735473554753.r00
Download: download sample
Signature MassLogger
Create hunting rule
File size:755'403 bytes
First seen:2020-10-15 11:32:52 UTC
Last seen:2020-10-15 15:09:51 UTC
File type: r00
MIME type:application/x-rar
ssdeep 12288:O8MyqfI20RjYIy42A2xIM16DAQYjUdrfSpitwhKiOyFhUHt5JGqAVY6g7/Pi/Qup:vMVI2xdA0QqU1SpiyKiF6tyrY6g7/ao4
TLSH 50F4237EBCF50ACB497C092EAE9160BC1E534383D20CB771E5A85C9AB65937700B5BE4
Reporter abuse_ch
Tags:MassLogger r00


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: dehong.com.cn
Sending IP: 156.96.62.59
From: 潘文宇 <pwy@dehong.com.cn>
Reply-To: '潘文宇' <chris.b2020@yahoo.com>
Subject: order 75490 (66529)
Attachment: doc2635648735473554753.r00 (contains "doc2635648735473554753.exe")

Intelligence

File Origin
# of uploads :
2
# of downloads :
67
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/aac74ca65aefeb01f32cc70bdee5e2219c3b46acc59e35be299f29462eeacc10/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-10-15 07:40:21 UTC
AV detection:
4 of 48 (8.33%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=vlduzjs257vqd4zmy4f55zpcegodwrvmywpdlprjt4uumlxkzqia._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/aac74ca65aefeb01f32cc70bdee5e2219c3b46acc59e35be299f29462eeacc10

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

r00 aac74ca65aefeb01f32cc70bdee5e2219c3b46acc59e35be299f29462eeacc10

(this sample)

MassLogger

Executable exe 25f48722bf24e935d7bdca104b416f87424ced29dfec2fbebc817725f09af5f1

  
Dropping
MD5 1412c54dba0f4e0a5be8354195b38d5a
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 25f48722bf24e935d7bdca104b416f87424ced29dfec2fbebc817725f09af5f1

Comments