MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ee2ad2e20582f55bf1f770795c07595b22505be9e9c7f6b491889b976e051532. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Matiex


Vendor detections: 4



SHA256 hash: ee2ad2e20582f55bf1f770795c07595b22505be9e9c7f6b491889b976e051532
SHA3-384 hash: fdc01893f688cce6f4b6cc51b394ce3dd2e03a43983729b0bdd7409a08fed24d4447a49faffe0db9af7cec5d1f209024
SHA1 hash: c9d5825af10b2b15f62082cdc72e649cef9eeadf
MD5 hash: dbd61226a3da2806edb46d17901c72c4
humanhash: texas-green-paris-happy
File name: DEKONT.zip
Signature: Matiex
File size: 212'972 bytes
First seen: 2020-10-16 10:36:00 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 6144:tHjBB/tqQsbtBrNIDqvdsoLBCYG56S0rz6Ne:tHjH/tZ2Bcq2N8rz6U
TLSH: 2F242390EF19C8DA1148543A0638FFAB394AD75CD682F429360E2B72D7DDD78D327886
Reporter: abuse_ch
Tags: GarantiBBVA geo Matiex TUR zip


abuse_ch
Malspam distributing Matiex:

HELO: hosted-by.rootlayer.net
Sending IP: 185.222.57.209
From: Garanti BBVA Internet <dekont@garantibbva.com.tr>
Subject: DEKONT
Attachment: DEKONT.zip (contains "DEKONT.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 94
Origin country: n/a

Vendor Threat Intelligence
Threat name: Win32.Trojan.Zenpak
Status: Malicious
First seen: 2020-10-15 20:55:05 UTC
AV detection: 9 of 48 (18.75%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

zip ee2ad2e20582f55bf1f770795c07595b22505be9e9c7f6b491889b976e051532 (this sample)

Dropping: Matiex
Delivery method: Distributed via e-mail attachment
