MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e617e9a809ed5b682d8ee48d4a8cff379d8c5bcb8688da7b8b3f249185e8a135. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



MassLogger


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments

SHA256 hash: e617e9a809ed5b682d8ee48d4a8cff379d8c5bcb8688da7b8b3f249185e8a135
SHA3-384 hash: 10464be977338d5fe62e39b2ff654ae704290787c2f6a143145aeb3dc1f20a1bd79f9128bcdade6428437f26161228ff
SHA1 hash: 5116a60a10eadccbb4c4def61943a85dbe6b1d28
MD5 hash: e00a45db193eb71cf958ecae5f33af30
humanhash: island-shade-cup-wisconsin
File name:INV doc9450940983355523.pdf.uu
Download: download sample
Signature MassLogger
File size:894'083 bytes
First seen:2020-10-22 16:12:31 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 24576:4AJFgGX81KC+m5PE7yjI5OjumDhyHUDDz3D3:FJFgGMAjm5chUt9yHU/
TLSH 521533479ACEF83DE1FCFDC43BD7645D851340ABBD26C3EAA0F26A268E64659440048F
Reporter abuse_ch
Tags:MassLogger uu


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: m1mkyc5j.ni.net.tr
Sending IP: 89.252.168.52
From: trust@al-tuwaijri.com
Subject: ACİL REVİZE PI
Attachment: INV doc9450940983355523.pdf.uu (contains "INV doc9450940983355523.pdf.exe")

Intelligence


File Origin
# of uploads :
1
# of downloads :
74
Origin country :
n/a
Vendor Threat Intelligence
Threat name:
ByteCode-MSIL.Spyware.Noon
Status:
Malicious
First seen:
2020-10-22 10:15:15 UTC
AV detection:
20 of 29 (68.97%)
Threat level:
  2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar e617e9a809ed5b682d8ee48d4a8cff379d8c5bcb8688da7b8b3f249185e8a135

(this sample)

  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment

Comments