MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fda00995bbb4371f22dfad5c29bdfd0830a7c7a7aa0a0c088a1ec29ce1212373. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


MassLogger


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: fda00995bbb4371f22dfad5c29bdfd0830a7c7a7aa0a0c088a1ec29ce1212373
SHA3-384 hash: 866fbe416ccd1ca3154f460cdabdc02b81b91a5431429aeec5ec92f70df80bfd9fe7f5b8634d14714eace356ec63e8f8
SHA1 hash: 68f4e3aa51c817199f0dbe2dbccf3f666da2b8d7
MD5 hash: b463131bd05bd389265408a097c631ab
humanhash: undress-july-georgia-harry
File name:Z201010BBSNKKMC.rar
Download: download sample
Signature MassLogger
Create hunting rule
File size:657'384 bytes
First seen:2020-10-13 05:44:34 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:Mmpi/sM4HabxwJsJXY2JPtLa+VTZnVAOYqhTVcWLJOoGaduTql4OG96:Mo2sM44+JIxtLa6nVThTVcUJqaD26
TLSH 14E42307A8EC4663B24EBF728681F8354B7369EAB02D9F107A869D3D56134582121DFB
Reporter abuse_ch
Tags:MassLogger rar


Avatar
abuse_ch
Malspam distributing MassLogger:

HELO: proje.mertbilisim.net
Sending IP: 85.95.240.168
From: ZIRAAT BANKASI <ziraat@ileti.ziraatbank.com.tr>
Reply-To: noreply <mintchin1@gmail.com>
Subject: Ekim Ayı E-Ekstre Servisi
Attachment: Z201010BBSNKKMC.rar (contains "kesh (1).exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
86
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/fda00995bbb4371f22dfad5c29bdfd0830a7c7a7aa0a0c088a1ec29ce1212373/
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=7wqatfn3wq3r6iw7vvoctpp5baykpr5hvifaycekd3bjzyjbenzq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/fda00995bbb4371f22dfad5c29bdfd0830a7c7a7aa0a0c088a1ec29ce1212373

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

MassLogger

rar fda00995bbb4371f22dfad5c29bdfd0830a7c7a7aa0a0c088a1ec29ce1212373

(this sample)

MassLogger

Executable exe 2fea8f7c727460dfd943dce7f9bb051f188f37a0150a132039a1892f18749ff3

  
Dropping
MD5 c6d695ab21cb17ac8fa23d9fee41002a
  
Dropping
MassLogger
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 2fea8f7c727460dfd943dce7f9bb051f188f37a0150a132039a1892f18749ff3

Comments