MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 62fde37ce19913d8a2d541eab5d168155441289a0cdb6aef7cd01c56b47e47ab. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 62fde37ce19913d8a2d541eab5d168155441289a0cdb6aef7cd01c56b47e47ab
SHA3-384 hash: 9f40304278f22a2b4f23805a4763a9086df66ed4a1b09851a229ccb0d7c7786585d5c63f8e34060d66c2e406413e9534
SHA1 hash: 371755e8a2a13b71ad52e21219f09533f8628c5c
MD5 hash: 55ae7fb218cfc0a6dbfd98cf61951775
humanhash: princess-sierra-william-saturn
File name:Swift copy.pdf.-..rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:469'314 bytes
First seen:2020-08-19 05:49:17 UTC
Last seen:2020-08-22 22:03:21 UTC
File type: rar
MIME type:application/x-rar
ssdeep 6144:UTfIK3qzeV7zV7OjAScB3s++3tdLmcE0oSDOLlmZkCySBf6w0sjzN3/YCHQl5R5h:ofVa6FJOfObZLl0kQf6wPjzNAOO5bbLJ
TLSH BEA423F92CB8297758011E531818FCCC3ABAD1B640B11731AF7D8EE2B60735691FE5A5
Reporter jarumlus
Tags:AgentTesla

Intelligence

File Origin
# of uploads :
65
# of downloads :
69
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Sanesecurity.Malware.27121.RarHeur.NoDP.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/62fde37ce19913d8a2d541eab5d168155441289a0cdb6aef7cd01c56b47e47ab/
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-08-19 02:39:21 UTC
AV detection:
22 of 48 (45.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ml66g7hbtej5riwvihvllulicvkecke2btnwv3342aofnnd6i6vq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/62fde37ce19913d8a2d541eab5d168155441289a0cdb6aef7cd01c56b47e47ab

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 62fde37ce19913d8a2d541eab5d168155441289a0cdb6aef7cd01c56b47e47ab

(this sample)

AgentTesla

Executable exe 3333a191bc36b4a7a76e51c0b7b83c5d2b7d253f074789c2302ec598c30711b3

  
Dropped by
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 3333a191bc36b4a7a76e51c0b7b83c5d2b7d253f074789c2302ec598c30711b3
  
Dropping
MD5 0812e6b42bce4af2abf9b12bbe8379a8

Comments