MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b0bbb1927b4b215ec8d45e9881c28caaaa733818bbbd3b3a351a87fe92f7a681. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: b0bbb1927b4b215ec8d45e9881c28caaaa733818bbbd3b3a351a87fe92f7a681
SHA3-384 hash: bc5dbe52b1dc1ec3ac24ebcc4517e39150a578888b30f520c85f6c85395b450d4e06d761ff48832f06c8accb128eb367
SHA1 hash: 00344acdb0e1d571c150e9a76931199eb280dd02
MD5 hash: 34812e59eba05ca03bcee66ffc2ea4b6
humanhash: island-salami-zebra-berlin
File name:Pics_Documents_logo_specifications.7z
Download: download sample
Signature Matiex
Create hunting rule
File size:1'709'284 bytes
First seen:2021-01-14 06:53:51 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 49152:4wIh9CVf18W0Wkpvc/v86ZwCDvCalOrMd:4WtOWkc/vLwEvCac6
TLSH EB853316F0EEC5109551767AD8C473504C322C27BDA29B44AFB836ECCFAA2F66F34625
Reporter abuse_ch
Tags:7z Yahoo


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: sonic314-20.consmr.mail.ir2.yahoo.com
Sending IP: 77.238.177.146
From: barrcamaraxtopher@yahoo.fr
Subject: 3 x 40ft Container Mixed
Attachment: Pics_Documents_logo_specifications.7z (contains "B6LNCKjOGt5EmFQ.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
125
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Trojan.Siggen11.57608.UNOFFICIAL
Create hunting rule

Result
Verdict:
MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/b0bbb1927b4b215ec8d45e9881c28caaaa733818bbbd3b3a351a87fe92f7a681/
Threat name:
Win32.Trojan.Razy
Create hunting rule
Status:
Malicious
First seen:
2021-01-14 06:54:08 UTC
AV detection:
10 of 46 (21.74%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=wc53det3jmqv5sgul2midqumvkvhgoayxo6tworvdkd75exxu2aq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.61
Link:
https://yomi.yoroi.company/submissions/b0bbb1927b4b215ec8d45e9881c28caaaa733818bbbd3b3a351a87fe92f7a681

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip b0bbb1927b4b215ec8d45e9881c28caaaa733818bbbd3b3a351a87fe92f7a681

(this sample)

Matiex

Executable exe 3e48d983e3315501931c646f896a8189637f5b9d21c453b051cd17f2584ee3c4

  
Dropping
MD5 80d255a6a5ec339e15d6fec3c0fef666
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 3e48d983e3315501931c646f896a8189637f5b9d21c453b051cd17f2584ee3c4

Comments