MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e9295dd329dcc4a87a96772a910ba5d951f20bf5b4aad56dd2504eb10969fa88. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Matiex


Vendor detections: 4


Intelligence 4 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: e9295dd329dcc4a87a96772a910ba5d951f20bf5b4aad56dd2504eb10969fa88
SHA3-384 hash: 3c4254ec1cd63a8303ef893a1ade146a64ac879ae935721ad71c751aebd59bb8d7123deb324cea3676c55f5ae1e91dc3
SHA1 hash: 853e3406fa80583b6e424cfc66ea58911a4b7ec3
MD5 hash: 46dbab73b6e0dfd141f7ddbb26f5dc41
humanhash: sweet-grey-xray-kansas
File name:M09080000000.img
Download: download sample
Signature Matiex
Create hunting rule
File size:192'084 bytes
First seen:2020-08-04 14:00:21 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 3072:MnWhJTVY6DU5gkX8MEgwU2/spJTDkvuOswuvRyP367xKZGVGavP5Ztdd:Mn4XegksdgwVETKAYP3KKkVTp7dd
TLSH 1014127475093E06189DA6EA4B0A184FE6EC0CABBFC41345FEC0E5127947F6806F9A7D
Reporter abuse_ch
Tags:img Matiex


Avatar
abuse_ch
Malspam distributing Matiex:

HELO: somosindustria.com
Sending IP: 45.137.22.52
From: sales <sales@somosindustria.com>
Subject: Factura/Por favor reconfirme sus datos bancarios
Attachment: M09080000000.img (contains "M09080000000.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
76
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Fareit-FVK072C613D1F93.25124.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/e9295dd329dcc4a87a96772a910ba5d951f20bf5b4aad56dd2504eb10969fa88/
Threat name:
ByteCode-MSIL.Infostealer.Fareit
Create hunting rule
Status:
Malicious
First seen:
2020-08-04 14:02:06 UTC
AV detection:
11 of 48 (22.92%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=5euv3uzj3tckq6uwo4vjcc5f3fi7ec7vwsvnk3oskbhlcclj7kea._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/e9295dd329dcc4a87a96772a910ba5d951f20bf5b4aad56dd2504eb10969fa88

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip e9295dd329dcc4a87a96772a910ba5d951f20bf5b4aad56dd2504eb10969fa88

(this sample)

Matiex

Executable exe 90524b90bad8dd82b6b6aa41f4f98211dd5e6d0c9524e72a72e8a1e855b71689

  
Dropping
MD5 072c613d1f936ac409e59949503ab55e
  
Dropping
Matiex
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 90524b90bad8dd82b6b6aa41f4f98211dd5e6d0c9524e72a72e8a1e855b71689

Comments