MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 426110407bdba9dfe5a4f6d39d6369c8baf47008d7738765c3eb7d1ee62e3344. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Intelligence 1 File information 1 Yara Comments

SHA256 hash: 426110407bdba9dfe5a4f6d39d6369c8baf47008d7738765c3eb7d1ee62e3344
SHA3-384 hash: 8c6b55b98452e262444d6d0a3beb0c82530fe75aee1d15f6d3ffb8ea467560ac52e6e207cd1e4bfcd92c41308569e66f
SHA1 hash: f36fdde8a2ab0c9b5c54661d55baadd613afc8e0
MD5 hash: 32b71c38294344a8c553741a6edf8a59
humanhash: orange-eight-kentucky-white
File name:blesss.exe
Download: download sample
Signature AgentTesla
File size:913'920 bytes
First seen:2020-05-12 11:37:07 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep 24576:2a6KWtOS20BEHkhIJI7m+V45jiNyjkeF4QnW:2w20eEHkhIJI7dVFsq
TLSH 5915014023AC6726F53A9BF558B06051CBF6756A75B8E36E4D9260CA06E3F80CC91F37
Reporter @James_inthe_box
Tags:AgentTesla exe

Intelligence


Mail intelligence No data
# of uploads 1
# of downloads 1'819
Origin country US US
ClamAV SecuriteInfo.com.Trojan.PWS.Siggen2.48635.14901.10873.UNOFFICIAL
CERT.PL MWDB Gathering data
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Kryptik
First seen:2020-05-12 11:36:33 UTC
AV detection:23 of 31 (74.19%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
VirusTotal:Virustotal results 34.29%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method
Other

Comments