Introduction
This report summarizes the email that was sent by each of the malicious binaries when run in the sandbox system.
This specific report is from running a malicious binary in our sandbox system. The malware attempted either to send email to, or to use, an email server that is referenced in the report. It does not mean that the access was successful or that your system is compromised at the time of the report, only that a piece of malware attempted either to utilize your infrastructure or to send an email to it.
Fields
| Field | Description |
|---|---|
| md5hash | MD5 hash of the binary that was run |
| email | E-Mail addresses used by the binary |
| sender | Return E-Mail address used by the binary |
| smtp_inet | IP of the remote SMTP server |
| smtp_port | Remote port used |
| smtp_host | Hostname resolution of the IP address |
Sample
md5hash,email,sender,smtp_inet,smtp_port,smtp_host
006d88086f8796bdd154c4f46d1fbe2e,kamjoz@hotmail.com,kamjoz@hotmail.com,65.55.37.88,25,mx3.hotmail.com
0097381403906db6e8b3c528f261bbf8,austria@msdirectservices.com,noreply@msdirectservices.com,193.189.224.91,25,msdirectservices.com
0097381403906db6e8b3c528f261bbf8,austria@msdirectservices.com,noreply@msdirectservices.com,84.17.190.210,25,msdirect.servicemail24.de
0097381403906db6e8b3c528f261bbf8,mts@lebanon-online.com.lb,austria@msdirectservices.com,64.26.62.254,25,lebanon-online.com.lb
00a5d3da60cdd47b844cbee35c71efd8,softpowered@gmail.com,HD8R2JDS87REW82@google.com,190.61.128.204,25,smtp.tutopia.com.br
00e617110678a6db59332f71de5c2e32,gio2008fernandes@gmail.com,HD8R2JDS87REW90@gmail.com,208.84.244.140,25,smtp.bem.terra.com.br
00e617110678a6db59332f71de5c2e32,gio2008fernandes@gmail.com,HD8R2JDS87REW90@gmail.com,200.198.128.228,25,smtp.via-rs.com.br
016d542c0484ee3a506b2b3fd5f2e566,austria@msdirectservices.com,MAILER-DAEMON@msdirectservices.com,74.125.155.109,25,smtp.gmail.com
016d542c0484ee3a506b2b3fd5f2e566,austria@msdirectservices.com,MAILER-DAEMON@msdirectservices.com,193.189.224.91,25,msdirectservices.com
016d542c0484ee3a506b2b3fd5f2e566,austria@msdirectservices.com,MAILER-DAEMON@msdirectservices.com,84.17.190.209,25,msdirect.servicemail24.de
016d542c0484ee3a506b2b3fd5f2e566,mts@lebanon-online.com.lb,austria@msdirectservices.com,64.26.62.254,25,lebanon-online.com.lb
01d86038b02af7037140f8d2c8c53f7b,sauron.bey@gmail.com,admin@hotmail.com,64.233.185.114,25,


