MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8aba10e723233f9feddf6ec1f2a861371928889db2e1dd048c52772d324c6001. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



AgentTesla


Vendor detections: 3



SHA256 hash: 8aba10e723233f9feddf6ec1f2a861371928889db2e1dd048c52772d324c6001
SHA3-384 hash: d49ed7c61cdaf52753fc2bd633beb4e2ce8c4842c71b2d61bcec7bb50e7a3df52247fc2c3ef84b601d6ce4ce95ba92f7
SHA1 hash: 91b43d1e215ad648e7391179e67cf1207d27e51a
MD5 hash: 742f303486c3d8886a2dd2b8cdea93c1
humanhash: island-monkey-pennsylvania-nine
File name: Bank Detail.zip
Signature: AgentTesla
File size: 395'487 bytes
First seen: 2020-07-10 07:32:26 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 12288:26xv2aPDWanZDzlFLpNLki/FYkaWWo/OYuBq7d:bDhdTLnLjuo/OXEd
TLSH: 1B8423364393AA769F5B29F93ED103864824BCF73D3453816245EA9F5C6FA60863072F
Reporter: abuse_ch
Tags: AgentTesla, zip


abuse_ch
Malspam distributing AgentTesla:

HELO: vsnl.com
Sending IP: 103.207.38.151
From: eddycranes@vsnl.com
Subject: RE:BANK DETAIL
Attachment: Bank Detail.zip (contains "aKDzIJRX7hjOy0J.exe")

AgentTesla SMTP exfil server:
us2.smtp.mailhostbox.com:587

Intelligence


File Origin
# of uploads: 1
# of downloads: 73
Origin country: n/a
Vendor Threat Intelligence
Threat name: Win32.Trojan.Wacatac
Status: Malicious
First seen: 2020-07-10 07:34:07 UTC
AV detection: 9 of 48 (18.75%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

zip 8aba10e723233f9feddf6ec1f2a861371928889db2e1dd048c52772d324c6001

(this sample)

  
Dropping: AgentTesla
Delivery method: Distributed via e-mail attachment
