MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 340b7eeb1ee83ec595d7823cff96bf6d4d8460c699a554532b7e29bba7ab3bcb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Signature: AgentTesla
Vendor detections: 2

SHA256 hash: 340b7eeb1ee83ec595d7823cff96bf6d4d8460c699a554532b7e29bba7ab3bcb
SHA3-384 hash: bd4052cc641aea13b0c68f2ccd74d5e51d55597881b722b1949c6da16c6b6dc3619d49b0a5fe39dc22cd059fc5641768
SHA1 hash: 00e1046e95c144142e84b5f4ae7e44e81758df96
MD5 hash: 76cd2ab2f6ab7842ab8f9ebcb816ba85
humanhash: oregon-five-glucose-eight
File name: PO39619.GZ
Signature: AgentTesla
File size: 402'165 bytes
First seen: 2020-05-22 07:13:59 UTC
Last seen: Never
File type: gz
MIME type: application/x-rar
ssdeep: 6144:e8t3QWd1q4qtdzv59V8F/DkxhnoW0N4i34qTb2tj+6FFqUI5FfwNsJ:RRd14tdT59V8F0Nzi39TCtjVZIgQ
TLSH: C184233D5A1BC71EDE1C33B8E005D871F5071E32D9883783CCA92549A5FA62E0ADB6D5
Reporter: abuse_ch
Tags: AgentTesla gz
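
The metadata above carries a detail worth acting on: the attachment is named PO39619.GZ, but its content is detected as application/x-rar, so the extension and the container do not agree. The following Python example is added here as an illustration and is not MalwareBazaar or abuse.ch code. It shows how a mail gateway or triage script can catch that kind of attachment: it sniffs the container type from the leading magic bytes, compares it with what the extension claims, and, for a genuine gzip member, reads the original file name recorded in the gzip header (RFC 1952 FNAME field), where an inner .exe name such as the one reported in the comment below would be visible without extracting anything. The sample bytes are constructed for the example, and the extension-to-container table is this example's own assumption.

```python
"""Attachment triage: does the container's magic match the claimed extension?

Added example; not MalwareBazaar or abuse.ch code. All inputs are constructed.
"""
import gzip
import io
import struct

# Published magic numbers for common archive containers, checked at offset 0.
MAGICS = [
    (b"\x1f\x8b", "gzip"),
    (b"Rar!\x1a\x07\x01\x00", "rar5"),
    (b"Rar!\x1a\x07\x00", "rar4"),
    (b"PK\x03\x04", "zip"),
    (b"7z\xbc\xaf\x27\x1c", "7z"),
]

# Which container each extension is expected to hold (assumption for this example).
EXT_EXPECTS = {
    "gz": {"gzip"},
    "tgz": {"gzip"},
    "rar": {"rar4", "rar5"},
    "zip": {"zip"},
    "7z": {"7z"},
}

# Inner names that should never arrive inside a "document" archive (assumption).
SUSPICIOUS_INNER = (".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".ps1")


def sniff_container(data: bytes) -> str:
    """Return the container type named by the leading magic bytes, or 'unknown'."""
    for magic, name in MAGICS:
        if data.startswith(magic):
            return name
    return "unknown"


def gzip_member_name(data: bytes):
    """Return the original file name stored in a gzip member header, if present.

    RFC 1952 header: ID1 ID2 CM FLG MTIME(4) XFL OS, then an optional FEXTRA
    block (2-byte length + payload) and a NUL-terminated FNAME string.
    """
    if len(data) < 10 or data[:2] != b"\x1f\x8b":
        return None
    flg = data[3]
    pos = 10
    if flg & 0x04:                      # FEXTRA present: skip it
        xlen = struct.unpack_from("<H", data, pos)[0]
        pos += 2 + xlen
    if not flg & 0x08:                  # no FNAME field recorded
        return None
    end = data.find(b"\x00", pos)
    if end < 0:                         # truncated header: nothing usable
        return None
    return data[pos:end].decode("latin-1")


def triage_attachment(filename: str, data: bytes) -> dict:
    """Compare the claimed extension with the sniffed container and report findings."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    detected = sniff_container(data)
    expected = EXT_EXPECTS.get(ext)
    inner = gzip_member_name(data) if detected == "gzip" else None
    findings = []
    if expected is not None and detected not in expected:
        findings.append(f"extension .{ext} but content is {detected}")
    if inner and inner.lower().endswith(SUSPICIOUS_INNER):
        findings.append(f"gzip member is an executable: {inner!r}")
    return {"filename": filename, "detected": detected, "inner_name": inner, "findings": findings}


def make_gzip_sample(inner_name: str, payload: bytes) -> bytes:
    """Build a gzip member that records inner_name in its header (constructed input)."""
    buf = io.BytesIO()
    with gzip.GzipFile(filename=inner_name, mode="wb", fileobj=buf, mtime=0) as gz:
        gz.write(payload)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed stand-in for this entry: a .GZ name over a RAR5 signature.
    rar_bytes = b"Rar!\x1a\x07\x01\x00" + b"\x00" * 64
    print(triage_attachment("PO39619.GZ", rar_bytes))
    # A genuine gzip member whose recorded inner name is an executable.
    gz_bytes = make_gzip_sample("PO # 39619.exe", b"MZ" + b"\x00" * 64)
    print(triage_attachment("PO39619.GZ", gz_bytes))
```

The magic check is deliberately done before any decompression: a RAR body under a .gz name is exactly the case where a gateway that trusts the extension and hands the bytes to a gzip decoder would fail open and pass the attachment through unscanned.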


abuse_ch
Malspam distributing AgentTesla:

From: Caroline Cardinale <CCardinale@zwillingus.com>
Subject: Re: New Purchase Order # 39619
Attachment: PO39619.GZ (contains "PO # 39619.exe")

AgentTesla SMTP exfil server:
smtp.yandex.com:587

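The reporter's comment above names the sample's exfiltration channel: SMTP submission to smtp.yandex.com on TCP 587. That is a useful detection on its own, because in most environments user workstations only ever send mail through the corporate relay, so a workstation opening a direct connection to a public provider's submission port is anomalous regardless of which family is behind it. The following Python example is added here as an illustration and is not abuse.ch or MalwareBazaar tooling. It runs that check over a handful of constructed Zeek-style conn.log records: each outbound connection from the workstation subnet to TCP 25, 465 or 587 whose destination is not on the allowed-relay list is raised as an alert. The subnet, the relay list, the `resp_host` enrichment field and the log lines themselves are constructed assumptions for the example; the external addresses are RFC 5737 documentation addresses, not the real resolution of smtp.yandex.com.

```python
"""Detect workstation-originated SMTP submission to non-corporate mail servers.

Added example; not abuse.ch or MalwareBazaar code. Log records are constructed.
"""
import ipaddress
import json

# Assumptions for this example: where user workstations live and which
# mail relays they are allowed to talk to.
WORKSTATION_NETS = [ipaddress.ip_network("10.10.0.0/16")]
ALLOWED_RELAYS = {"mail.corp.example"}
MAIL_PORTS = {25, 465, 587}

# Constructed Zeek-style conn.log records as JSON, one per line. "resp_host"
# stands in for a DNS/SNI enrichment step and is not a native conn.log field.
LOG_LINES = """\
{"ts": 1590133201.1, "id.orig_h": "10.10.5.23", "id.resp_h": "203.0.113.10", "id.resp_p": 443, "proto": "tcp", "resp_host": "www.example.net"}
{"ts": 1590133205.4, "id.orig_h": "10.10.5.23", "id.resp_h": "203.0.113.25", "id.resp_p": 587, "proto": "tcp", "resp_host": "smtp.yandex.com"}
{"ts": 1590133207.9, "id.orig_h": "10.10.5.40", "id.resp_h": "10.20.0.5", "id.resp_p": 587, "proto": "tcp", "resp_host": "mail.corp.example"}
{"ts": 1590133210.2, "id.orig_h": "10.20.0.5", "id.resp_h": "203.0.113.77", "id.resp_p": 25, "proto": "tcp", "resp_host": "mx.partner.example"}
{"ts": 1590133212.6, "id.orig_h": "10.10.7.8", "id.resp_h": "203.0.113.90", "id.resp_p": 465, "proto": "tcp", "resp_host": "smtp.mailhost.example"}
{"ts": 1590133215.0, "id.orig_h": "10.10.7.8", "id.resp_h": "203.0.113.90", "id.resp_p": 80, "proto": "tcp", "resp_host": "smtp.mailhost.example"}
"""


def is_workstation(ip: str) -> bool:
    """True if the address falls inside one of the workstation subnets."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in WORKSTATION_NETS)


def detect_smtp_exfil(lines: str) -> list:
    """Return one alert dict per workstation -> non-allowlisted mail-port connection."""
    alerts = []
    for line in lines.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        if rec.get("proto") != "tcp" or rec.get("id.resp_p") not in MAIL_PORTS:
            continue                    # not an SMTP/submission port
        if not is_workstation(rec["id.orig_h"]):
            continue                    # mail servers are expected to speak SMTP
        if rec.get("resp_host") in ALLOWED_RELAYS:
            continue                    # corporate relay: the sanctioned path
        alerts.append({
            "ts": rec["ts"],
            "src": rec["id.orig_h"],
            "dst": f'{rec["id.resp_h"]}:{rec["id.resp_p"]}',
            "dst_host": rec.get("resp_host"),
            "rule": "workstation direct SMTP submission (AgentTesla-style exfil)",
        })
    return alerts


def alert_sources(lines: str) -> list:
    """Distinct workstation addresses that triggered the rule, sorted."""
    return sorted({a["src"] for a in detect_smtp_exfil(lines)})


if __name__ == "__main__":
    for alert in detect_smtp_exfil(LOG_LINES):
        print(json.dumps(alert))
```

In a live deployment the hostname would come from joining conn.log with Zeek's dns or ssl logs rather than from a field in the record, and the allowlist should be the set of relays your mail architecture actually uses; the point is that the rule keys on behaviour (who is submitting mail, and to whom) rather than on the single provider named in this entry.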
Intelligence

File Origin
# of uploads: 1
# of downloads: 64
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-05-22 07:35:38 UTC
File Type: Binary (Archive)
Extracted files: 9
AV detection: 16 of 48 (33.33%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The information below shows additional details about this malware sample, such as its delivery chain and delivery method.

Delivery chain:
  Malspam
    AgentTesla
      gz 340b7eeb1ee83ec595d7823cff96bf6d4d8460c699a554532b7e29bba7ab3bcb (this sample)
        Dropping: AgentTesla

Delivery method: Distributed via e-mail attachment
