MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 2f223aa99f4693e6e481971b4111d96c36aa66cc6ce08217ef985a6ec30a095f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: 2f223aa99f4693e6e481971b4111d96c36aa66cc6ce08217ef985a6ec30a095f
SHA3-384 hash: 2c48aa0ed99ff35ef28c7895a5813843931da83385a7bc455ddcb54a3482409b57996c74837171577a82d0749db85066
SHA1 hash: 203e07055e25bcbaaffdf86e22fd7a4c192b212a
MD5 hash: 7839aeec0570686d7333b6b82a88879e
humanhash: delta-aspen-dakota-tennis
File name: overdue account letter.rar
Signature: n/a
File size: 390'456 bytes
First seen: 2020-06-29 23:12:37 UTC
Last seen: 2020-06-30 00:18:32 UTC
File type: rar
MIME type: application/x-rar
ssdeep: 6144:e8Klj/DNx/0YBVHBNaxvxBy9T5ia2i4QJv2vSx0S9TvxYoTnxVqCWGA2hmAAT:dKV/pRBD79T5tT4QJeKuS9zDTH0AAT
TLSH: 6A842318F253F92C2B8628FDF36FDDD60987163927DC0DD348DDFA805B9A4EA2552842
Reporter: @jarumlus
Tags: AgentTesla

Intelligence


Mail intelligence
Trap location    Impact
IT Italy         Low
CH Switzerland   Low
Global           High
# of uploads: 2
# of downloads: 32
Origin country: FR
ClamAV: No detection
CERT.PL MWDB: Detection: n/a
Link: https://mwdb.cert.pl/sample/2f223aa99f4693e6e481971b4111d96c36aa66cc6ce08217ef985a6ec30a095f/
ReversingLabs: Status: Malicious
Threat name: ByteCode-MSIL.Trojan.Dynamer
First seen: 2020-06-29 13:13:12 UTC
AV detection: 15 of 31 (48.39%)
Threat level: 5/5
Spamhaus Hash Blocklist: Suspicious file
VirusTotal: Virustotal results 52.46%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

rar 2f223aa99f4693e6e481971b4111d96c36aa66cc6ce08217ef985a6ec30a095f (this sample)

Dropped by: AgentTesla
Delivery method: Distributed via e-mail attachment

Comments