MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 13b9a5dbbc245d4e2b2e9f1c08a9e35af0d242e34bd82bfb64371474d315ed5b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 13b9a5dbbc245d4e2b2e9f1c08a9e35af0d242e34bd82bfb64371474d315ed5b
SHA3-384 hash: c8e726875e02b1dd953dc58c3411404f7d5fd13cd52aefc255373d74e6c1caa8c0b535068cac60411cfcfc796d829557
SHA1 hash: 5fa894c0987d08eb2e34bf02eb65734990c38827
MD5 hash: fbb2923a24148f0a395fca61e72815b7
humanhash: hotel-north-saturn-fifteen
File name:Remit.Advice.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:362'287 bytes
First seen:2020-07-08 12:50:19 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:kExlnkmCzpzxlTQDrYE00f7ArM16mCOspWU/phV8r1nOM1tw8FZZ:xzhpUMEmCtWU/DV8JOMvZ
TLSH 2E7423D97E0C90EFC6E794D7D12AB2C7624D678880037865A721C111D25BBB46CB7BF2
Reporter abuse_ch
Tags:AgentTesla rar


Avatar
abuse_ch
Malspam distributing AgentTesla:

From: Isabella Thambudorai <I.Thambdorai@searcherseismic.com>
Subject: URGENT REQUEST-Remittance Advice
Attachment: Remit.Advice.rar (contains "Remit.Advice.exe")

AgentTesla SMTP exfil server:
mail.itdone.cz:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
72
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/13b9a5dbbc245d4e2b2e9f1c08a9e35af0d242e34bd82bfb64371474d315ed5b/
Threat name:
ByteCode-MSIL.Backdoor.Bladabhindi
Create hunting rule
Status:
Malicious
First seen:
2020-07-08 12:52:06 UTC
AV detection:
14 of 29 (48.28%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=co42lw54erou4kzot4oarkpdllyneqxdjpmcx63eg4khjuyv5vnq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 13b9a5dbbc245d4e2b2e9f1c08a9e35af0d242e34bd82bfb64371474d315ed5b

(this sample)

AgentTesla

Executable exe cdebb39b2a4f203a8c0be1ce06cbeed1396321d8871d3cc46d4c6639ae7d25a2

  
Dropping
MD5 eee0330f850eeb8d07aeb8e180afc051
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 cdebb39b2a4f203a8c0be1ce06cbeed1396321d8871d3cc46d4c6639ae7d25a2

Comments