MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 34b434e880799db0df1f38c8ec44f2f02c59c76940230b5de5724f9f90da05f2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 1 Yara Comments

SHA256 hash: 34b434e880799db0df1f38c8ec44f2f02c59c76940230b5de5724f9f90da05f2
SHA3-384 hash: 573c57d5eeb89e40adc7622e48e22ab334f4f66fc1e9f5a2fc99b3b70e879ebc3532a0105c1c04ac3ba6af79bbc7b89f
SHA1 hash: 8b0db7c28d7a9b8b8a8765c157b34038af381fc2
MD5 hash: 3430c7709ac6c47763e3f45288810ef5
humanhash: mexico-nevada-video-wyoming
File name:invoice.pdf.z
Download: download sample
Signature AgentTesla
File size:400'379 bytes
First seen:2020-06-30 05:36:52 UTC
Last seen:Never
File type: z
MIME type:application/x-rar
ssdeep 12288:Ej9Xmmls1HN8piOVvYtbRJJHJequD6QduBsD5:o927H/qORQjeQdcsD5
TLSH 7784236EDF893834F000BCA8A08F451CA5FF73EDB9664F61E487A50AE91C5786750C93
Reporter @jarumlus


Mail intelligence
Trap location Impact
CH Switzerland Low
Global Medium
# of uploads 1
# of downloads 27
Origin country FR FR
ClamAV No detection
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Kryptik
First seen:2020-06-29 18:54:31 UTC
AV detection:18 of 31 (58.06%)
Threat level:   2/5
Spamhaus Hash Blocklist :Malicious file
VirusTotal:Virustotal results 20.97%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



z 34b434e880799db0df1f38c8ec44f2f02c59c76940230b5de5724f9f90da05f2

(this sample)

Delivery method
Distributed via e-mail attachment