MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 24974fc9c59735910618157b42bbcc6c094a0471c86e0d629eeb77784103a3cd. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 24974fc9c59735910618157b42bbcc6c094a0471c86e0d629eeb77784103a3cd
SHA3-384 hash: ab2adfedc1c228ac44b3a4f3f45e9647d4f490e4b65b91f57e04f66a28c76d0a6e0398202f55fa50ccfbbeadc79e035f
SHA1 hash: 84e93f99011e47ae0a78c5e99381e2a53d1d2bf1
MD5 hash: 827945fc61ddcdbb87b83edeae765fbc
humanhash: seventeen-cold-zulu-green
File name: Our Ref MIDLGB31..zip
Signature: n/a
File size: 399'460 bytes
First seen: 2020-06-30 01:02:38 UTC
Last seen: 2020-06-30 02:05:30 UTC
File type: zip
MIME type: application/zip
ssdeep: 12288:bgqiDb8my7cByLl433pDa9d+idziu9NhBA979//:8qiDb8J7cByLla3ud+2iIBc93
TLSH: 32842372F5596CE3AFA5FB6641B6CA723413390389719CA3F01DF48B2A86EF254458C3
Reporter: @jarumlus
Tags: AgentTesla

Intelligence


Mail intelligence
Trap location      Impact
Global             High
IT Italy           Low
NL Netherlands     Low

# of uploads: 2
# of downloads: 30
Origin country: US
ClamAV: SecuriteInfo.com.MSIL.Kryptik.WOR.18336.UNOFFICIAL
CERT.PL MWDB: Detection: n/a
Link: https://mwdb.cert.pl/sample/24974fc9c59735910618157b42bbcc6c094a0471c86e0d629eeb77784103a3cd/
ReversingLabs: Status: Malicious
Threat name: ByteCode-MSIL.Trojan.Kryptik
First seen: 2020-06-29 21:48:48 UTC
AV detection: 26 of 48 (54.17%)
Threat level: 2/5
Spamhaus Hash Blocklist: Suspicious file
VirusTotal: Virustotal results 9.38%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

zip 24974fc9c59735910618157b42bbcc6c094a0471c86e0d629eeb77784103a3cd (this sample)

Dropped by: AgentTesla
Delivery method: Distributed via e-mail attachment
