MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 5c3c9102d7267d76e2fc783b4f313a9caf12b011159e6d1fe8570e0dcafa289c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 5c3c9102d7267d76e2fc783b4f313a9caf12b011159e6d1fe8570e0dcafa289c
SHA3-384 hash: 2bff258aa2db393b561938d3cd65fd58e01df603f428e75b87a4441bfb1ad14651301d070db96309af692186d6a84247
SHA1 hash: 4295b5ccf8b68b6992715d3e0ba9cb209095cdb5
MD5 hash: cb967cd9df44df01199911a9b2eb8713
humanhash: arkansas-maryland-uncle-east
File name:Ticari Hesap Özetiniz.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:427'942 bytes
First seen:2020-07-07 08:48:55 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:cEDjQvzWeXMOPkpTYp12apxOEACXCY3xKJG:cA8vzWekpT8Pp8EALY30G
TLSH 2D9423988845252B7722E334BF764F6FD34E9CD15031AF8A079019BAE9CCCAF497865C
Reporter abuse_ch
Tags:AgentTesla Akbank geo rar TUR


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: mail.impressive.hu
Sending IP: 213.181.210.243
From: Akbank Ticari Bankacılık <ticaribankacilik@bilgi.akbank.com>
Subject: HAZİRAN 2020 Ticari Hesap Özetiniz (Ref:2053878463)
Attachment: Ticari Hesap Özetiniz.rar (contains "Ticari Hesap Özetiniz.exe")

AgentTesla SMTP exfil server:
mail.vinorema.com:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
76
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/5c3c9102d7267d76e2fc783b4f313a9caf12b011159e6d1fe8570e0dcafa289c/
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Create hunting rule
Status:
Malicious
First seen:
2020-07-07 08:50:09 UTC
AV detection:
15 of 29 (51.72%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=lq6jcawxez6xnyx4pa5u6mj2tsxrfmarcwpg2h7ik4ha3sx2fcoa._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 5c3c9102d7267d76e2fc783b4f313a9caf12b011159e6d1fe8570e0dcafa289c

(this sample)

AgentTesla

Executable exe cdf43e36edf4aaa17906bf552cd65351d9b6e66a77356f91cd819874cf531e03

  
Dropping
MD5 77b28fa8e6208ae9c88be198f5e614ce
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 cdf43e36edf4aaa17906bf552cd65351d9b6e66a77356f91cd819874cf531e03

Comments