MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d8b2a50a4b44aa1781247c69031a1898c220268416b3ba441292ee344b3ecda4. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 3



SHA256 hash: d8b2a50a4b44aa1781247c69031a1898c220268416b3ba441292ee344b3ecda4
SHA3-384 hash: 9cdbe5460bc82c7e34e65e25ecfe1d4754e6786a79acbf2a484e85492f9ff192ad78f700fdf710318eacd58cd7d9b754
SHA1 hash: fd864962206aadfd9f24d5030c92c7c06fd8b9ab
MD5 hash: df8121cb97430334ab520272f64f60b5
humanhash: lemon-cold-bulldog-fish
File name: sample ref.zip
Signature: MassLogger
File size: 1'061'334 bytes
First seen: 2020-10-23 09:29:42 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 24576:EeaOdT36vsg/kJ2xj2xXqtekFVNG0misCbacoOA+KlgS5iaSIFu65:9aOd78li6DFVrmisQaF93KIB5
TLSH: 4B353398ECE2C7F18BDF30B9759DE5B0F8AC901089D322AD6B2D5E1C86289F5471E41D
Reporter: abuse_ch
Tags: MassLogger, zip


abuse_ch
Malspam distributing MassLogger:

HELO: mailsnd1.chol.com
Sending IP: 203.252.1.138
From: dwmetal <dwmetal@chol.com>
Subject: FW:RE:Price Inquiry
Attachment: sample ref.zip (contains "sample ref.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 93
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.AgentTesla
Status: Malicious
First seen: 2020-10-23 08:33:25 UTC
AV detection: 19 of 29 (65.52%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

zip d8b2a50a4b44aa1781247c69031a1898c220268416b3ba441292ee344b3ecda4

(this sample)

  
Dropping: MassLogger
Delivery method: Distributed via e-mail attachment
