MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d42b286aa130634ab7f384cb22334b991d348c5dc46d780c5acf091681930cce. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: d42b286aa130634ab7f384cb22334b991d348c5dc46d780c5acf091681930cce
SHA3-384 hash: ea807ff68894476fd1fcf1b70249a4534666248c8c6a6ff00d925fc7c9c7ba963a249b152afa22fedc680d191c73b0c8
SHA1 hash: 0bbdf65f077a9dcfde9d4c307a41486d12c846af
MD5 hash: 75dc11494b63f509f792ed93afe585b3
humanhash: angel-six-charlie-harry
File name:Machine drawing.img
Download: download sample
Signature MassLogger
Create hunting rule
File size:1'835'008 bytes
First seen:2020-11-19 07:20:01 UTC
Last seen:Never
File type: img
MIME type:application/x-iso9660-image
ssdeep 24576:klx9ObBlaCoJbm526rSGdHm+arb0JaqNnPmOUFP43iNGG:IGG
TLSH 39854AF4A1AB24D1F61F853696ADBD9402B2B2D79FC37948633DE2700BB26627F0450D
Reporter abuse_ch
Tags:img MassLogger


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: vps-3871858.yjara.com
Sending IP: 162.241.101.217
From: RMS Machinery <rudy@rmsmachinery.com>
Reply-To: info@miabasto.com
Subject: Request for Machine Quotation (Michigan Project)
Attachment: Machine drawing.img (contains "Machine drawing.exe")

MassLogger SMTP exfil server:
bh-58.webhostbox.net:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
98
Origin country :
n/a
Vendor Threat Intelligence
Result
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/d42b286aa130634ab7f384cb22334b991d348c5dc46d780c5acf091681930cce/
Threat name:
ByteCode-MSIL.Infostealer.ClipBanker
Create hunting rule
Status:
Malicious
First seen:
2020-11-19 07:20:06 UTC
AV detection:
14 of 28 (50.00%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=2qvsq2vbgbruvn7tqtfsem2lteotjdc5yrwxqdc2z4ernamtbtha._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

img d42b286aa130634ab7f384cb22334b991d348c5dc46d780c5acf091681930cce

(this sample)

MassLogger

Executable exe 0728fd4058762cdab5e5366f0e353fc86437707048e0a5a915a1d2c433a67c7c

  
Dropping
MD5 436f1f00588b42189b6f818fa15af051
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 0728fd4058762cdab5e5366f0e353fc86437707048e0a5a915a1d2c433a67c7c

Comments