MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c70a4248ece62858d86bb7e53b2bcaa80150c2f3cd8c332e472de0316b42a5aa. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Matiex


Vendor detections: 4



SHA256 hash: c70a4248ece62858d86bb7e53b2bcaa80150c2f3cd8c332e472de0316b42a5aa
SHA3-384 hash: 72aa7164437bd88df0a267a08ea1b42e1f7cf6a7ad656e4b7fd7f9c6235340bff701455a15b85305efcb97d3ddc3fd1b
SHA1 hash: c332140555156b6816e373587a920604928ae795
MD5 hash: 0d9b3355547b1083e97526fb71c7abe3
humanhash: rugby-moon-eighteen-nitrogen
File name: Previous Conversations and Order.7z
Signature: Matiex
File size: 11'847 bytes
First seen: 2020-12-21 07:40:29 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 192:LXpSgieB4ipoXBc2VyzEoT0q1TAkiG7j6R5MzgqbtL1uGwW7yWBlXYMnRwO5XeHR:LXpSoB4i2XBc2aA2QG36UZBL1uDWjX/W
TLSH: 0F32D0A1EFCB1021E9415634D6DB3A226F9D33418412E46304BAEDD90EBD375E6311EC
Reporter: abuse_ch
Tags: 7z Yahoo


abuse_ch
Malspam distributing unidentified malware:

HELO: sonic307-10.consmr.mail.ne1.yahoo.com
Sending IP: 66.163.190.33
From: Amber <pratik.hakim@yahoo.com>
Reply-To: brentdamantel@gmail.com
Subject: 3 x 40ft Container Mixed
Attachment: Previous Conversations and Order.7z (contains "logo.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 128
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Spyware.Noon
Status: Malicious
First seen: 2020-12-21 04:46:44 UTC
AV detection: 22 of 48 (45.83%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip c70a4248ece62858d86bb7e53b2bcaa80150c2f3cd8c332e472de0316b42a5aa

(this sample)

  
Delivery method: Distributed via e-mail attachment

Comments