MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 de2955c99e6c58997641899e6534142f26de80368887da0c4fb501eb1b027308. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: de2955c99e6c58997641899e6534142f26de80368887da0c4fb501eb1b027308
SHA3-384 hash: 88f4f5f79b53d1a898a9f1354b562ae228e862dc6e9db779ef707ba36c5d849af12fff8270eaa230a11b8942e3d73515
SHA1 hash: 5ac9d18cdb4a218b17382f8afe157348ecb18f5e
MD5 hash: 3b96b40684f1b7ae1d901e17cfe6bbca
humanhash: hamper-florida-nebraska-king
File name: RFQ.exe
Signature: MassLogger
File size: 931'840 bytes
First seen: 2020-06-30 14:32:16 UTC
Last seen: 2020-06-30 16:01:26 UTC
File type: Executable exe
MIME type: application/x-dosexec
imphash: f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep: 12288:OmAUZgUkkydwUmV5eyzN/qOIR2W18yiJ9itcbBFcabdceP46Tm7C3Dx/rCVUeSZ:TZg5pwU65XzBqx1xBOBFdcI4SND9uu
TLSH: B415012122EC8F5AC1FD5FFFA97C320017397A152527E74E8D85B1DE08267C089A679B
Reporter: @James_inthe_box
Tags: exe MassLogger

Intelligence


Mail intelligence
Trap location: Global
Impact: Low
# of uploads: 2
# of downloads: 32
Origin country: FR
CAPE Sandbox Detection: n/a
Link: https://www.capesandbox.com/analysis/17278/
ClamAV: SecuriteInfo.com.Generic.mg.3b96b40684f1b7ae.11784.UNOFFICIAL
CERT.PL MWDB Detection: n/a
Link: https://mwdb.cert.pl/sample/de2955c99e6c58997641899e6534142f26de80368887da0c4fb501eb1b027308/
ReversingLabs: Status: Malicious
Threat name: ByteCode-MSIL.Trojan.Injuke
First seen: 2020-06-30 05:18:39 UTC
AV detection: 14 of 31 (45.16%)
Threat level: 2/5
Spamhaus Hash Blocklist: Suspicious file
Hatching Triage Score: 1/10
Malware Family: n/a
Link: https://tria.ge/reports/200630-dxp5n3dbsn/
Tags: n/a
VirusTotal: Virustotal results 16.67%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Other

Comments



Marc Rivero López commented on 2020-06-30 15:28:56 UTC

#masslogger