MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e6ebba3e4d46d85ffdedd77fd4eb2337c970c04d41adb428ef510ad4803f1a1b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	e6ebba3e4d46d85ffdedd77fd4eb2337c970c04d41adb428ef510ad4803f1a1b
SHA3-384 hash:	ac8978a24ec9316502dac126a28f20c4f2e5126ce5243c3dcfa3e4c2179314a21687ee095fc06321812fa8f5150fb654
SHA1 hash:	ccf7be937d9afd1a27fb2cb78844d34fba2c4103
MD5 hash:	100a030a78dcdb1b61cce5d26609c065
humanhash:	angel-moon-fillet-thirteen
File name:	ORDER-CONFIRMATION.bz
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	584'889 bytes
First seen:	2020-10-16 13:03:32 UTC
Last seen:	Never
File type:	rar
MIME type:	application/x-rar
ssdeep	12288:FrBHHfvQ4bq59mDZFY2Z+3lFeqT3FWi/QGfL/O5:JlQKq5SFY2Z+3WqT3FNIIg
TLSH	9DC4239E975EC50C2E7E64BD99F58FA406ABF321787D2CD72702C394AAA404E153C02F
Reporter	abuse_ch
Tags:	bz MassLogger

abuse_ch

Malspam distributing unidentified malware:

HELO: out.exch025.serverdata.net
Sending IP: 64.78.32.136
From: Dispatch at Copp Trucking <Dispatch@copptrucking.com>
Subject: ORDER CONFIRMATION
Attachment: ORDER-CONFIRMATION.bz (contains "ORDER-CONFIRMATION.exe")