MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8d3bc970595e1d81d09d72f32d2395c4212cecb7bf7f42a74d349708409a2fea. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SHA256 hash: 8d3bc970595e1d81d09d72f32d2395c4212cecb7bf7f42a74d349708409a2fea
SHA3-384 hash: c1ca21d21951a92d10a649eef45326cc411dfe240977663cac7e2211702524709506b6a9c532e019905e31f688264755
SHA1 hash: b008e71d40074ad2c715f32514835b07436212ab
MD5 hash: 7c535999a654c1cae8fe88ae17a54f9e
humanhash: mountain-moon-kitten-wolfram
File name: Data Sheet.exe
Signature: AZORult
File size: 292'352 bytes
First seen: 2020-06-30 05:44:18 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep: 6144:hioJWWHWH00GA76vEReBm3T34wi5DMddZaPLyw2RzVgv:zHWH0kJRBjovGZaPe3zO
TLSH: 9454AE2173B9975AD5BE4BF914A0114407B674526A23E3ADCE8670DB2EB27C00F1BF1B
Reporter: @abuse_ch
Tags: AZORult exe

Malspam distributing AZORult:

Sending IP:
From: Marilyn Aguinaldo <>
Reply-To: Marilyn Aguinaldo <>
Subject: PO # 208 / 2020
Attachment: Data (contains "Data Sheet.exe")

AZORult C2:


Mail intelligence
Trap location: Global
Impact: Low
# of uploads: 1
# of downloads: 45
Origin country: US
CAPE Sandbox Detection: Azorult
CERT.PL MWDB Detection: azorult
ReversingLabs Status: Malicious
Threat name: ByteCode-MSIL.Trojan.Agenttesla
First seen: 2020-06-30 05:46:06 UTC
AV detection: 20 of 48 (41.67%)
Threat level: 5/5
Spamhaus Hash Blocklist: Malicious file
Hatching Triage Score: 10/10
Malware Family: azorult
Tags: trojan infostealer family:azorult
Config extraction:
VirusTotal: VirusTotal results 35.62%

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Executable exe 8d3bc970595e1d81d09d72f32d2395c4212cecb7bf7f42a74d349708409a2fea (this sample)

Delivery method: Distributed via e-mail attachment