MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 02cb58a1f36135bdae8f1b9e73a25776a00bb0fce7dfa12e1ab3000c74d8da30. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 3
| SHA256 hash: | 02cb58a1f36135bdae8f1b9e73a25776a00bb0fce7dfa12e1ab3000c74d8da30 |
|---|---|
| SHA3-384 hash: | 34acddf8000940929620a5646c9b70904ce12e182d65f787d85d63434275f9d843094c816404e56d4663493d53dc87c0 |
| SHA1 hash: | 49a75bd18e5f7db6679cdfcfdc051a5c13d1fc75 |
| MD5 hash: | 53cc265aac5ee6a9cd8530f32305340d |
| humanhash: | colorado-glucose-friend-twenty |
| File name: | shipping documents.pdf.z |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 380'047 bytes |
| First seen: | 2020-06-30 06:06:49 UTC |
| Last seen: | 2020-06-30 08:33:33 UTC |
| File type: | z |
| MIME type: | application/x-rar |
| ssdeep | 6144:Q5OaGh54zdpphqAnArzIQYnLcd5OrXStDchfI5SfIh+DWDLzy:QT+4UPNsYd5Fuf9fIADWDa |
| TLSH | 9D8423478694B6123941DDC8869C04FA6862FC7C60892DF63485FEE6FB819B5F0DEF48 |
| Reporter |  jarumlus |
| Tags: | AgentTesla |
Intelligence
File Origin
# of uploads :
2
# of downloads :
67
Origin country :
n/a
Vendor Threat Intelligence
Threat name:
ByteCode-MSIL.Infostealer.Agensla
Status:
Malicious
First seen:
2020-06-30 06:08:05 UTC
File Type:
Binary (Archive)
Extracted files:
15
AV detection:
14 of 25 (56.00%)
Threat level:
5/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.