MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 02a4fa540cb0828b001cd6aa079eb888d8e605c4dd999d18920e0a888dede073. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 02a4fa540cb0828b001cd6aa079eb888d8e605c4dd999d18920e0a888dede073
SHA3-384 hash: 6b8f447070630e07ae2c0cec869506c3cc83728f0100c4034bb1e953ef1bae685795bde2e6ed618e3ac4a475665d4099
SHA1 hash: 25963830890c8a85a7628eefee15687d255fb559
MD5 hash: 176104d59c1b6f90753d711a8865a467
humanhash: rugby-sixteen-emma-victor
File name:Drawings ans specifications for GRP Enclosuree.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:279'570 bytes
First seen:2020-06-11 05:34:56 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:PP3YRv01hP9LhuBIZTgWhsmFlrAi5N9JiqWTFo1dSpB:P/M8DP9NHTImFlUaN9oqcAUz
TLSH CC5423D3A7ABF65B82361853FB707ACC64BAD4446D00F68EC2936573BFA12811109ED7
Reporter abuse_ch
Tags:AgentTesla rar


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: arpco.com
Sending IP: 185.234.219.109
From: Sajeena Ibrahim <purchase@arpco.com>
Subject: Procurement for GRP010251 Enclosure
Attachment: Drawings ans specifications for GRP Enclosuree.rar (contains "Drawings ans specifications for GRP Enclosuree.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
60
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Create hunting rule
Status:
Malicious
First seen:
2020-06-11 05:36:07 UTC
AV detection:
11 of 48 (22.92%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=akspuvamwcbiwaa422vaphvyrdmomboe3wmz2gesbyfirdpn4bzq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 02a4fa540cb0828b001cd6aa079eb888d8e605c4dd999d18920e0a888dede073

(this sample)

AgentTesla

Executable exe 64a41ad52d59bece56d2f40e5b37ff27043fd3cb40a390a28e18101ee2bd6c6d

  
Dropping
MD5 5d09f83ae7e09306a614dcb7af157417
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 64a41ad52d59bece56d2f40e5b37ff27043fd3cb40a390a28e18101ee2bd6c6d

Comments