MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3712b0cc38d52a63fac02d8b0893224e8683e43d1461a4fe514c2d7ad6daf2cf. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3712b0cc38d52a63fac02d8b0893224e8683e43d1461a4fe514c2d7ad6daf2cf
SHA3-384 hash: af7dcffdd7a24681621455fe8f0672a4b14edd19b5cf6a89dd5e78eb3aa28c749b3a3929e56bc58b6a9751d86134c2fa
SHA1 hash: 0c3785992368f69b9f8f85c9334d9abcfe1cb6be
MD5 hash: 39336d16f08d63ca084939ad1cc43ac6
humanhash: yellow-johnny-whiskey-lithium
File name:Order List & Imgs.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:320'386 bytes
First seen:2020-06-23 07:58:59 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:Vaq+erWrDd8XRAARewEnI1PNtAeuHKr0TuehL8pZcwmZ0raeNSLc6UR:7+DcYRSltfuHIvtraeKlM
TLSH 3964235C0D3287AB9DA4738E90FEEC691422A70359ED05CAF1FEE0044A3DB259AD549F
Reporter cocaman
Tags:AgentTesla rar


Avatar
cocaman
Malicious email
From: comercial@inovaradm.com.br
Received: from mcegress-30-lw-26.correio.biz (mcegress-30-lw-26.correio.biz [191.252.30.26])
Date: Tue, 23 Jun 2020 04:27:37 -0300
Subject: Re: Urgent Quote Required
Attachment: Order List & Imgs.rar

Intelligence

File Origin
# of uploads :
1
# of downloads :
74
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/3712b0cc38d52a63fac02d8b0893224e8683e43d1461a4fe514c2d7ad6daf2cf/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-06-23 08:00:06 UTC
File Type:
Binary (Archive)
Extracted files:
2
AV detection:
8 of 48 (16.67%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=g4jlbtby2uvgh6wafwfqrezcj2dihzb5crq2j7srjqwxvvw26lhq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 3712b0cc38d52a63fac02d8b0893224e8683e43d1461a4fe514c2d7ad6daf2cf

(this sample)

AgentTesla

Executable exe f963457d5a9d27cbce5df7a6ce4fb9dd288e23ef473bd90cdb3059d454949d5a

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 f963457d5a9d27cbce5df7a6ce4fb9dd288e23ef473bd90cdb3059d454949d5a
  
Dropping
AgentTesla
  
Dropping
MD5 06695b1a9c7382b20ed1c22e8eba9bf2

Comments