MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e18f3838ded04d1d33ee3518a73cdeb61a7d6f2de3cd59afafe312aa53619a4d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: e18f3838ded04d1d33ee3518a73cdeb61a7d6f2de3cd59afafe312aa53619a4d
SHA3-384 hash: f84ba5f6bb374fc33ef66979b4a2e23649ca69ac6b2ecef250dabf3f36ef9bb2a64bca025fbd02a47464ea8b38c86c7c
SHA1 hash: b5901010420341a7df0f7b7619bf768cbb8ef44c
MD5 hash: 19e64da51c62de69506b1233260b7e94
humanhash: december-alaska-yellow-bakerloo
File name:Bigso Container 735.rar
Download: download sample
Signature Matiex
Create hunting rule
File size:718'307 bytes
First seen:2020-10-27 12:41:36 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:JLBOmaLDaEXq9nXyOWU68bSIFWRd4S1KY6m6ZYoSoOvsvTTB0wx1MKisPeu:JLqaEXn2bWmqNjoSozB3x1jNB
TLSH C1E42300C39AEA3D0C464A4CB03EEB06F6067A95F61CFE52166F5B51127B5BFCB07A06
Reporter abuse_ch
Tags:Matiex rar


Avatar
abuse_ch
Malspam distributing Matiex:

HELO: mail.qcol.net
Sending IP: 69.89.160.11
From: Anup<bdjadewitt@qcol.net>
Reply-To: descomotor@gmail.com
Subject: PO
Attachment: Bigso Container 735.rar (contains "Bigso Container 735.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
81
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/e18f3838ded04d1d33ee3518a73cdeb61a7d6f2de3cd59afafe312aa53619a4d/
Threat name:
ByteCode-MSIL.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-10-27 12:13:02 UTC
AV detection:
8 of 48 (16.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=4ghtqog62bgr2m7ogumkopg6wynh23zn4pgvtl5p4mjkuu3btjgq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/e18f3838ded04d1d33ee3518a73cdeb61a7d6f2de3cd59afafe312aa53619a4d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

rar e18f3838ded04d1d33ee3518a73cdeb61a7d6f2de3cd59afafe312aa53619a4d

(this sample)

Matiex

Executable exe 2e019576eeddcef34df299a77887ce790e8b3130bccc7507987a3b328d98470f

  
Dropping
MD5 eee38f91a59b0b9e8a6e266dc41abb7b
  
Dropping
Matiex
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 2e019576eeddcef34df299a77887ce790e8b3130bccc7507987a3b328d98470f

Comments