MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4ce1a9477effcd14cd4b4781bdf64c4efa607c779b6f4fed2746eeaade35a18e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: 4ce1a9477effcd14cd4b4781bdf64c4efa607c779b6f4fed2746eeaade35a18e
SHA3-384 hash: 7bc6ccbc818b23e5fa3ffad5073a983db957111e36a89481cbc9e04ac18381b1cdd88b911560864223eacac4e38d9ac5
SHA1 hash: 1da62f1f0e891ab4308dd3499410ab8f73e41caf
MD5 hash: 5f1ce1332f2d4663f685291de0726ab9
humanhash: bulldog-arkansas-sink-triple
File name: AWB-18_01_2021_INV_18_01_2021.zip
Signature: n/a
File size: 419'080 bytes
First seen: 2021-02-23 07:18:06 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep 6144:HTgg0SbXNA+c9OgfPCW8WQfnUDb+iShxO1cKiFTRfUyBs3bviA9Y5Jr3c6EQ0UVb:HX6LogfqW8WUUDPg1ftsLX9Y5tcglF
TLSH 3E94239847274DEBE5B4A8A1A5E04F823C7B0263F9C1BDCC765DA340706FC64966A3B0
Reporter: @lowmal3

Intelligence


File Origin
# of uploads: 1
# of downloads: 43
Origin country: DE

Mail intelligence
Geo location: Global
Volume: Medium

Vendor Threat Intelligence

Result
Verdict: MALICIOUS
Details: Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.

Threat name: ByteCode-MSIL.Trojan.AgentTesla
Status: Malicious
First seen: 2021-02-23 03:38:21 UTC
AV detection: 7 of 48 (14.58%)
Threat level: 5/5

Threat name: Suspicious File
Score: 0.35

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

zip 4ce1a9477effcd14cd4b4781bdf64c4efa607c779b6f4fed2746eeaade35a18e

(this sample)

Delivery method: Distributed via e-mail attachment
