MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ab39bfdbf5464801db48b5cffbd6bd374e329fccbeb602a998f0769da164620f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: ab39bfdbf5464801db48b5cffbd6bd374e329fccbeb602a998f0769da164620f
SHA3-384 hash: 4b5b7b9ddde5af62699d4fab6b86beebeb1d2d1d6e042e973f22ca477145103593ced9350bed0df96c86fababdedbf96
SHA1 hash: 15567e225e32870b99a87f19cfcb857e7fc3167f
MD5 hash: 0997f8dc757292a69766a928dd446056
humanhash: aspen-foxtrot-mirror-comet
File name:Purchasing Doc_ 6000019430.rar
Download: download sample
Signature MassLogger
Create hunting rule
File size:700'955 bytes
First seen:2020-07-07 09:08:29 UTC
Last seen:2020-07-08 10:32:33 UTC
File type: rar
MIME type:application/x-rar
ssdeep 12288:spjKV+k/o4XSlDbDj7+DhXt2V1qz2gvbiteNkC6qLHpqLFcoTnks+FcBQ6fPR4LR:CBkFClDr7CHZuCZLHpqLGUnIF8Q6fPq1
TLSH 64E42394F6ED4E8CCA315E1D93842272607F5A3F84E72F0525C8D3FB7628A219A7E5C1
Reporter abuse_ch
Tags:MassLogger rar


Avatar
abuse_ch
Malspam distributing MassLogger:

From: Suman Talwar <Suman.Talwar@jmdconsultants.co.in>
Subject: RE: JMD Consultants Purchasing Doc. 6000019430
Attachment: Purchasing Doc_ 6000019430.rar (contains "Purchasing Doc_ 6000019430.exe")

MassLogger SMTP exfil server:
mail.itdone.cz:587

Intelligence

File Origin
# of uploads :
2
# of downloads :
75
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/ab39bfdbf5464801db48b5cffbd6bd374e329fccbeb602a998f0769da164620f/
Threat name:
ByteCode-MSIL.Ransomware.TeslaCrypt
Create hunting rule
Status:
Malicious
First seen:
2020-07-07 09:10:08 UTC
AV detection:
16 of 29 (55.17%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=vm437w7vizeadw2iwxh7xvv5g5hdfh6mx23afkmy6b3j3ilemihq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar ab39bfdbf5464801db48b5cffbd6bd374e329fccbeb602a998f0769da164620f

(this sample)

MassLogger

Executable exe 82b3bc554c3ed5e698153da5badfd3973e337c49ee8477847b2ca0fdda98b895

  
Dropping
MD5 e956a3cc966ca07ff6d7e56bbd78b2c4
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 82b3bc554c3ed5e698153da5badfd3973e337c49ee8477847b2ca0fdda98b895

Comments