MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 6591c88fe9958cc50d38ac4a72cdeeaa0e772700a201305f62194f1b2dcfb4f0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 4
| SHA256 hash: | 6591c88fe9958cc50d38ac4a72cdeeaa0e772700a201305f62194f1b2dcfb4f0 |
|---|---|
| SHA3-384 hash: | a21fff72460b3c2ee54c5b088105275b308cfccc097ef3ce68af0e33fd51b6bdb814cdc050db882a1ba739e4d8bddbd2 |
| SHA1 hash: | 520bcf19542f8a4bc27f1b38400917ae93c5f8e7 |
| MD5 hash: | ed307caa4f6297d2373e98c636b254c5 |
| humanhash: | massachusetts-cola-montana-michigan |
| File name: | 7_23_2020 SWIFT COPY_PDF.gz |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 410'910 bytes |
| First seen: | 2020-07-24 06:42:15 UTC |
| Last seen: | 2020-07-25 06:37:25 UTC |
| File type: | gz |
| MIME type: | application/x-rar |
| ssdeep | 12288:R3fZCRavqKBrLL/vGYLdkAvBgOSXNkgUr0/wRNM:R3fZrvZpXGY5k+gOgigFoU |
| TLSH | F994231D92C537F6AE2C31D422F098263189427771C856FEBB1D383A786470E46FEA9D |
| Reporter |  jarumlus |
| Tags: | AgentTesla |
Intelligence
File Origin
# of uploads :
2
# of downloads :
65
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Threat name:
ByteCode-MSIL.Trojan.Masslogger
Status:
Malicious
First seen:
2020-07-24 06:44:06 UTC
AV detection:
17 of 29 (58.62%)
Threat level:
5/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Kryptik
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Dropped by
AgentTesla
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.