MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3be8e4d21d791b4bab20393e21e3c9759bd0152fe3d35467acbb8da68216afb1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3be8e4d21d791b4bab20393e21e3c9759bd0152fe3d35467acbb8da68216afb1
SHA3-384 hash: c94662507b2e4d89368779c32ccbdc839966b96a4b5fc194846788a83130f4a803668067758d7d14bcb80c6d747d8590
SHA1 hash: 4954c1d8f8d24891eb24642a339dd945279b2b17
MD5 hash: b8ad5386680c690214764a8e23e89319
humanhash: speaker-west-king-queen
File name:03062020,pdf.iso
Download: download sample
Signature AgentTesla
Create hunting rule
File size:643'072 bytes
First seen:2020-06-03 12:49:13 UTC
Last seen:Never
File type: iso
MIME type:application/x-iso9660-image
ssdeep 12288:oImB8Lr3/RyTUQqE76DM/3L4rvRIfSXtWHH:5Lr3cAQqE76Hrpsai
TLSH E6D4D00436907D8FC22F4D76481218109BA1A667AE5FE343BCCF25DA5B5FFCA8A04797
Reporter abuse_ch
Tags:AgentTesla iso


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: srv1.plamen.rs
Sending IP: 87.118.88.9
From: Gennaro Passerini <info@hauraton.it>
Subject: Avviso di pagamento
Attachment: 03062020,pdf.iso (contains "03062020,pdf.exe")

AgentTesla SMTP exfil server:
mail.privateemail.com:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
57
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-06-03 13:46:05 UTC
File Type:
Binary (Archive)
Extracted files:
14
AV detection:
13 of 31 (41.94%)
Threat level:
  2/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=hpuojuq5penuxkzahe7cdy6jown5afjp4pjviz5mxog2naqwv6yq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

iso 3be8e4d21d791b4bab20393e21e3c9759bd0152fe3d35467acbb8da68216afb1

(this sample)

AgentTesla

Executable exe 7399fc107327a8ecb09632fd6380f18e3f7c382675b9be0a2613beb831337096

  
Dropping
MD5 4220819b2e52d9ecd3048f4883c4f7c5
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 7399fc107327a8ecb09632fd6380f18e3f7c382675b9be0a2613beb831337096

Comments