MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 adfd200a16ffe7c04631176e3ad03ded8785c7ecf9581f42915ea199f8c27e9b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: adfd200a16ffe7c04631176e3ad03ded8785c7ecf9581f42915ea199f8c27e9b
SHA3-384 hash: 7ba022647b68392c0dcde0e2ea62048cbea52f3ab281b86848e23b59468e802cb1d09ea096f934d32c38fac1c3d0ffb2
SHA1 hash: 3566b5b47538584cf7866c3030084eafbf67bbae
MD5 hash: e1523c7b16c25f71620c2f5c9d60503d
humanhash: purple-don-stream-cola
File name: ot1ZIWtPLBLdX65.exe
Signature: MassLogger
File size: 726,016 bytes
First seen: 2020-06-30 14:24:20 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep: 12288:isyed5lYRZD1tjWMO52H11yR+xbX+E8Wd8QzChyezm763kMjzRUSnfK:imd4R/tTuA0ubkTQzChyezm7+BHGd
TLSH: B2F4120036AD6937CAEC49F941526A4403B594F93942FFDAACC660EE17EFFEC1602527
Reporter: @James_inthe_box
Tags: exe MassLogger
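The entry lists four cryptographic hashes and a file size for the sample. Before trusting any of the verdicts below, a practitioner should confirm that the bytes actually in hand are the bytes this record describes; a download that is still inside its archive, or a repacked variant of the same family, will hash differently. The following is an added example written for this page, not code from MalwareBazaar; it uses only the Python standard library, copies the hash values from the entry above into MB_RECORD, and stands in a constructed byte string for the real sample, which is not embedded here. The helper names (fingerprint, mismatched_fields, diagnose, check_file) are the example's own.

```python
import hashlib

# Values copied from the MalwareBazaar entry above.
MB_RECORD = {
    "sha256": "adfd200a16ffe7c04631176e3ad03ded8785c7ecf9581f42915ea199f8c27e9b",
    "sha3_384": "7ba022647b68392c0dcde0e2ea62048cbea52f3ab281b86848e23b59468e802cb1d09ea096f934d32c38fac1c3d0ffb2",
    "sha1": "3566b5b47538584cf7866c3030084eafbf67bbae",
    "md5": "e1523c7b16c25f71620c2f5c9d60503d",
    "size": 726016,
}

# Constructed stand-in for a file read from disk (an MZ header followed by
# filler bytes); the real sample is deliberately not embedded in this page.
SAMPLE = b"MZ" + bytes(range(256)) * 4


def fingerprint(data: bytes) -> dict:
    """Compute the same hash set the entry lists, plus the byte length."""
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "md5": hashlib.md5(data).hexdigest(),
        "size": len(data),
    }


def mismatched_fields(data: bytes, record: dict) -> list:
    """Names of record fields whose value differs from the computed one.

    Hex digests are compared case-insensitively; record keys the
    fingerprint does not compute are ignored rather than reported.
    """
    actual = fingerprint(data)
    bad = []
    for key, expected in record.items():
        if key not in actual:
            continue
        if isinstance(expected, str):
            expected = expected.lower()
        if actual[key] != expected:
            bad.append(key)
    return bad


def diagnose(data: bytes, record: dict) -> str:
    """Explain a mismatch in the terms an analyst needs to act on."""
    bad = mismatched_fields(data, record)
    if not bad:
        return "match: bytes are the sample described by the record"
    if data[:2] == b"PK":
        # Sample downloads are usually shipped inside a ZIP archive; hashing
        # the archive instead of its content is the most common mistake.
        return "zip: input is a ZIP archive (PK header), not the sample; extract it first"
    if len(bad) == len(record):
        return "different file: every field differs from the record"
    # Two different cryptographic hashes cannot disagree on the same bytes,
    # so a partial mismatch means the record itself was copied wrongly.
    return "inconsistent record: some hashes match and some do not: " + ", ".join(bad)


def check_file(path: str, record: dict = MB_RECORD) -> str:
    """Read a file from disk and diagnose it against a record."""
    with open(path, "rb") as fh:
        return diagnose(fh.read(), record)


if __name__ == "__main__":
    print(diagnose(SAMPLE, MB_RECORD))
```

Run check_file("ot1ZIWtPLBLdX65.exe") against the extracted sample; anything other than the "match" line means the verdicts on this page do not apply to the bytes you have.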

Intelligence


Mail intelligence: No data
# of uploads: 1
# of downloads: 32
Origin country: FR
CAPE Sandbox: Detection: n/a
Link: https://www.capesandbox.com/analysis/17270/
ClamAV: SecuriteInfo.com.MSIL.Kryptik.VFR-1.UNOFFICIAL
CERT.PL MWDB: Detection: n/a
Link: https://mwdb.cert.pl/sample/adfd200a16ffe7c04631176e3ad03ded8785c7ecf9581f42915ea199f8c27e9b/
ReversingLabs: Status: Malicious
Threat name: ByteCode-MSIL.Trojan.Kryptik
First seen: 2020-06-30 08:21:16 UTC
AV detection: 27 of 31 (87.10%)
Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage: Score: 1/10
Malware Family: n/a
Link: https://tria.ge/reports/200630-8bf37ygshn/
Tags: n/a
VirusTotal results: 20.83%

Yara Signatures


Rule name: masslogger_gcch
Author: govcert_ch

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Other

Comments