MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 abb20b525046009cb38c994e7c25516ff8ed072add4c90d437353cf8e0243550. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: abb20b525046009cb38c994e7c25516ff8ed072add4c90d437353cf8e0243550
SHA3-384 hash: 73c5a18dc7a9e1d89f7f760fe7eac6c0402c88b88ce77e773037c28e26a9e81f20c8e8bbf7d0f99892d703f116373010
SHA1 hash: 5c156a72366ea826374f733f96605b915d03da28
MD5 hash: db136a3a848a3dfa8bb999a2583c8d0c
humanhash: skylark-mobile-victor-island
File name: Document_BT24PDF.iso
Signature: MassLogger
File size: 962'560 bytes
First seen: 2020-10-27 10:02:18 UTC
Last seen: Never
File type: iso
MIME type: application/x-iso9660-image
ssdeep: 12288:iV/4rjvGiO9C6gn+0h4kn/n2zeblhPnlxt0Frttq+XzWHp771uzn6T1:7O9C6Aqk/nflj0o+XzWJ771uzn6h
TLSH: 8D259EB27C92587ECA6B077551A985C0FABA16C73FA48B0D71AF430C0F11A5BEB53247
Reporter: abuse_ch
Tags: geo iso MassLogger ROU


abuse_ch
Malspam distributing MassLogger:

HELO: proleasing.ro
Sending IP: 193.238.58.230
From: Isabela Rusu <isabela.rusu@thermonet-sv.ro>
Subject: FW: Document - Banca Transilvania
Attachment: Document_BT24PDF.iso (contains "Document_BT24PDF.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 69
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Infostealer.Maslog
Status: Malicious
First seen: 2020-10-27 07:27:05 UTC
AV detection: 15 of 29 (51.72%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

iso abb20b525046009cb38c994e7c25516ff8ed072add4c90d437353cf8e0243550 (this sample)

Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
