MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f4f4c2d0ac9ffc3b660aecd8f9a41711000fd7f4cc2a81fe4134ec559e6f18fc. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: f4f4c2d0ac9ffc3b660aecd8f9a41711000fd7f4cc2a81fe4134ec559e6f18fc
SHA3-384 hash: fdc36be94fd74bfe0caf8598fd607fa7a0736c6161f3895675c8081eb1337d54bcd191ca0584630bc19c97572dfb6ad3
SHA1 hash: 31a33d7d3dff382b44443d874fca31c8cd62a4df
MD5 hash: 2fba170a708033c1193d0a7723ba2c8d
humanhash: undress-alaska-quebec-tango
File name:Statement of Account from Fuzhou Jianxiang.gz
Download: download sample
Signature MassLogger
Create hunting rule
File size:54'342 bytes
First seen:2020-10-16 12:39:50 UTC
Last seen:Never
File type: gz
MIME type:application/x-rar
ssdeep 1536:zmXNahPy5+G1Dfj11PadXkXP50eF1nWa3QzUkOuYbCz:KNahPwBa9Q0eFozU+YGz
TLSH EC33F17654451BE0051FA5AEE387640D67A0DAE180A4E0D8BCC961DFA734FDE49DB0B3
Reporter abuse_ch
Tags:gz MassLogger


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: m9746.mail.qiye.163.com
Sending IP: 220.181.97.46
From: sales <sale@jxmarine.com>
Subject: Statement of Account from Fuzhou Jianxiang
Attachment: Statement of Account from Fuzhou Jianxiang.gz (contains "Statement of Account from Fuzhou Jianxiang.exe")

MassLogger SMTP exfil server:
bh-58.webhostbox.net:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
62
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/f4f4c2d0ac9ffc3b660aecd8f9a41711000fd7f4cc2a81fe4134ec559e6f18fc/
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=6t2mfufmt76dwzqk5tmptjaxceaa7v7uzqvid7sbgtwflhtpdd6a._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/f4f4c2d0ac9ffc3b660aecd8f9a41711000fd7f4cc2a81fe4134ec559e6f18fc

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

gz f4f4c2d0ac9ffc3b660aecd8f9a41711000fd7f4cc2a81fe4134ec559e6f18fc

(this sample)

MassLogger

Executable exe 4e3fbf643241ed1d88707fd4a022c5fb312a75004af4ef18adb0b0fc47e6f5b7

  
Dropping
MD5 b0f7b5f3b31bee0ed725d4f7acbef97a
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 4e3fbf643241ed1d88707fd4a022c5fb312a75004af4ef18adb0b0fc47e6f5b7

Comments