MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 76acf380aac2c3e98f043c216c0b2d3abc6903d1a2935a2b3495d097bffb355d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 76acf380aac2c3e98f043c216c0b2d3abc6903d1a2935a2b3495d097bffb355d
SHA3-384 hash: 90ce1a170ff35e36a638f4e5f3453c835435091bf1a31292e9498210a9cb2bbd766b093d932f53477020da70b8f50dd1
SHA1 hash: 0922a12fe855670f9f8b6972c23d8c7b2ac876d1
MD5 hash: 0ca4b989bc0efcb6bd4174edc3ce5179
humanhash: venus-undress-five-skylark
File name:PO 4500022412.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:957'879 bytes
First seen:2020-05-13 05:13:00 UTC
Last seen:2020-05-13 05:32:26 UTC
File type: rar
MIME type:application/x-rar
ssdeep 12288:lpK5gJXi1D90cU0n3yvWeByJ80jcZRwJtY5Blmwm+DV+dc+zOM8pA15C2cR1q0:lATlnnYD4m/w85Bon8dPm5Gc0
TLSH 8315337EFA82818A449A706F36EC95794CD2086204D573D5337EB7FACDFA03820B566D
Reporter cocaman
Tags:AgentTesla rar


Avatar
cocaman
Malicious email
From: sales@pololu.com
Received: from o3.ptr7354.tebaide.it (o3.ptr7354.tebaide.it [168.245.57.158])
Date: Tue, 12 May 2020 22:42:45 +0000 (UTC)
Subject: PURCHASE ORDER 4500022412
Attachment: PO 4500022412.rar

Intelligence

File Origin
# of uploads :
2
# of downloads :
81
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
Win32.Trojan.Injector
Create hunting rule
Status:
Malicious
First seen:
2020-05-13 05:37:14 UTC
File Type:
Binary (Archive)
Extracted files:
27
AV detection:
15 of 31 (48.39%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=o2wphafkylb6tdyehqqwycznhk6gsa6rukjvukzusxijpp73gvoq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 76acf380aac2c3e98f043c216c0b2d3abc6903d1a2935a2b3495d097bffb355d

(this sample)

AgentTesla

Executable exe d6e5b7d9bdd1ca5d2ee2153cc6955889c1dfb155b2c8caeb5536a50242848c0a

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 d6e5b7d9bdd1ca5d2ee2153cc6955889c1dfb155b2c8caeb5536a50242848c0a
  
Dropping
AgentTesla

Comments