MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d2ef491097d1be7e513767304dc227d96d640e66ecaef4bf0333303575cc1f3b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: d2ef491097d1be7e513767304dc227d96d640e66ecaef4bf0333303575cc1f3b
SHA3-384 hash: 944f57a508a61ced91f2e095d94176904ef1b8d358e22eefc2d815e056e2fcfa01d8da9039065ee522c84bb74632f2d1
SHA1 hash: 75da880bac75a323a93d21c4d65c8ba099e9d9aa
MD5 hash: dfe40157ae624d952d9b24c8771d933d
humanhash: twelve-equal-item-oscar
File name:Inv UF-1819917 Bank Transfer Receipt Wp Sport.img
Download: download sample
Signature Matiex
Create hunting rule
File size:1'441'792 bytes
First seen:2020-10-12 06:18:12 UTC
Last seen:Never
File type: img
MIME type:application/x-iso9660-image
ssdeep 12288:nKLrGOKo8rHS1OyhgOpUl+m+RnhBVQUaKaVk2VLuA3333333333333333333333F:nKLrGRoYHSYy8l+fRnpQMa1CMmyZcgc
TLSH 5F65269D6112BD72DEF846733673B4C919F06AB21800F2097DCC76ECC6A1176AB2D9C6
Reporter abuse_ch
Tags:img Matiex


Avatar
abuse_ch
Malspam distributing Matiex:

HELO: atl4mhob25.registeredsite.com
Sending IP: 209.17.115.122
From: orders <orders@echoproducts.com>
Reply-To: orders <orders@echoproducts.com>
Subject: Fwd: Fwd: Fwd: 30% down payment WPS New Purchase Order Po# UF-1819917
Attachment: Inv UF-1819917 Bank Transfer Receipt Wp Sport.img (contains "Inv# UF-1819917 Bank Transfer Receipt Wp Sport.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
85
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/d2ef491097d1be7e513767304dc227d96d640e66ecaef4bf0333303575cc1f3b/
Threat name:
ByteCode-MSIL.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-10-12 03:40:27 UTC
AV detection:
4 of 48 (8.33%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=2lxuseex2g7h4ujxm4ye3qrh3fwwidtg5sxpjpydgmydk5omd45q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Kryptik
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/d2ef491097d1be7e513767304dc227d96d640e66ecaef4bf0333303575cc1f3b

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

img d2ef491097d1be7e513767304dc227d96d640e66ecaef4bf0333303575cc1f3b

(this sample)

Matiex

Executable exe 4ef4b992bece8ea1963a7cfb7eb66970890c65f13ecb6cad17097bc364a4e0d0

  
Dropping
MD5 cecc63d690d8ac8efd7fd9719507d502
  
Dropping
Matiex
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 4ef4b992bece8ea1963a7cfb7eb66970890c65f13ecb6cad17097bc364a4e0d0

Comments