MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f66021855125d9a14c2eb1416f29cc20a9e62141d2b55e5eb0ab604fc982870c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: f66021855125d9a14c2eb1416f29cc20a9e62141d2b55e5eb0ab604fc982870c
SHA3-384 hash: 8c102f139e8fd650bef94010daf0818052815fd22267cb16956aba57d803cb5d215749b351060eb4bffec4e840d092ce
SHA1 hash: 60509170406d8ec4120912f83a6469b2040b6d16
MD5 hash: 7fab88171dd924795abb6e97792979c0
humanhash: emma-east-fix-white
File name:Detail Items 25-6-2020.lzh
Download: download sample
Signature MassLogger
Create hunting rule
File size:476'017 bytes
First seen:2020-06-26 15:43:56 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:NjVJhck72BCD1GkvKYVCFzCSzBDoMGPctPk8kU4+AY8CqWXlw820Q26txTrdJILm:F1p7VKyCFNzpGPchAfGlX20Q2mxTyE9N
TLSH B0A423D409EC2EED7007CC0521B979CB13755A0B4BA29B4358E0CFC29AEF56E94E426D
Reporter abuse_ch
Tags:lzh MassLogger


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: v188118.serveradd.com
Sending IP: 103.11.188.118
From: Victor Zhang <info@sspavese.com>
Reply-To: vip@mi-mail.cl.emailserver
Subject: Re: items to Supply 49069....
Attachment: Detail Items 25-6-2020.lzh (contains "Detail Items 25-6-2020.exe")

MassLogger SMTP exfil server:
smtp.seznam.cz:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
92
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/f66021855125d9a14c2eb1416f29cc20a9e62141d2b55e5eb0ab604fc982870c/
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-06-26 15:45:05 UTC
AV detection:
15 of 31 (48.39%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=6zqcdbkrexm2ctbowfaw6komecu6mikb2k2v4xvqvnqe7smcq4ga._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar f66021855125d9a14c2eb1416f29cc20a9e62141d2b55e5eb0ab604fc982870c

(this sample)

MassLogger

Executable exe 9446594ffd70c6c48af3d6842ae778cef4b6ebe3d6f1b1af2ecec8658af110fe

  
Dropping
MD5 603b8af5eba5de5a2650fb7ff09be7a9
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 9446594ffd70c6c48af3d6842ae778cef4b6ebe3d6f1b1af2ecec8658af110fe

Comments