MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 edc03828f494523e020dd6073d93ef49fdf2e66afb2c4bc25df442da8fd3d3dd. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

MassLogger

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	edc03828f494523e020dd6073d93ef49fdf2e66afb2c4bc25df442da8fd3d3dd
SHA3-384 hash:	1d4020fc0ad651b6a5f8e4b9592090087c7b8f7088c0a41809bd99b52090f99b07ecc2b76effd20d6b71affc32f57b43
SHA1 hash:	99048f8747edcf8e1627dd1794355075cb57719e
MD5 hash:	3282a94d66745020402bfb7d22f9f67e
humanhash:	delaware-summer-texas-india
File name:	RFQ STR20- A1JAYS.zip
Download:	download sample
Signature	MassLogger Create hunting rule
File size:	210'537 bytes
First seen:	2020-10-27 10:24:42 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	3072:nZNE0BmiSx7Y2z1EQvFECutQblPW/pOUKcvxc4tqLrgB69wz8dbDcr:nZDBmiu7Y1QtBP5STPxc4YLrhwSbIr
TLSH	B024123D22CA8677855E71FCF74A5F912A48905EBB263877C24E5EAE448AD460E0EDC0
Reporter	abuse_ch
Tags:	MassLogger zip

abuse_ch

Malspam distributing MassLogger:

HELO: mail.h-email.net
Sending IP: 31.168.40.90
From: 'Jamey Machathil'<jamey@a1jays.com>
Subject: A1JAYS RFQ- NEW ORDER
Attachment: RFQ STR20- A1JAYS.zip (contains "RFQ & SAMPLES PRODUCTS 9-1009-GRGS 403.2MT STR20.pdf.exe")

MasssLogger SMTP exfil server:
mail.privateemail.com:587