MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ff6459ca52183c69be1ef1764b9a1cd4c3436d2713483bf5ad219d2bff0d439e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 3 Yara Comments

SHA256 hash: ff6459ca52183c69be1ef1764b9a1cd4c3436d2713483bf5ad219d2bff0d439e
SHA1 hash: fe9c81cafac65c5b78a8b6fd629f7d69ed1f2f05
MD5 hash: dc26f87b2a4b65908a89673d1a4bf4d3
File name:RFQ NO. 4400008663.exe
Download: download sample
Signature MassLogger
File size:737'792 bytes
First seen:2020-05-23 11:45:48 UTC
Last seen:2020-05-23 13:13:12 UTC
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep 12288:U2iN4NJuXC7fAwLvpUpeB2uVLW+29SZ0Yr3YD12q2Q9ZJ8jGIukxYB+ag:U1EtfAgKpoV6E0kYpPz9ZJ8j0kWoT
TLSH 57F42292C1BC895DEA6C5BF86F56BF01E32853824583D6CB1F9050AD2C126D93E943E7
Reporter @abuse_ch
Tags:exe MassLogger

Malspam distributing MassLogger:

Sending IP:
From: M. Prabahkar Rao, Chairman, NSL Group <>
Reply-To: me <>
Subject: PROJECT DRAFT - Enquiry - 4400008663
Attachment: RFQ NO. (contains "RFQ NO. 4400008663.exe")


Mail intelligence
Trap location Impact
Global Low
# of uploads 2
# of downloads 22
Origin country US US
VirusTotal:Virustotal results 27.78%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



Executable exe ff6459ca52183c69be1ef1764b9a1cd4c3436d2713483bf5ad219d2bff0d439e

(this sample)

Delivery method
Distributed via e-mail attachment