MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9416ab857761a22a9fa58de901553d9fd7cfc03f2e1f8ab15e552540a8283985. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 9416ab857761a22a9fa58de901553d9fd7cfc03f2e1f8ab15e552540a8283985
SHA3-384 hash: 9b178504c17ffdc80a4b9ad69d7adc2175c154fa5e150edca13c41018ca5726c15a6b1c139f582ab5da78a86fd15f440
SHA1 hash: c737e0595d96c1381ee842a7412036db9828befc
MD5 hash: 7017966e5b2875919c72f36d38653d76
humanhash: delta-oscar-victor-gee
File name:Purchase Order - DRR 30-06-2020.iso
Download: download sample
Signature AgentTesla
Create hunting rule
File size:471'040 bytes
First seen:2020-06-30 17:25:34 UTC
Last seen:Never
File type: iso
MIME type:application/x-iso9660-image
ssdeep 6144:v0Bi2nZjQmD9lEISCq+pFvz/oPabZx9NUqyyHBxiQ5zSdtobnaUB:v0w2nCcQBazis3/HviIscjB
TLSH 8CA4013633699B19D6F9ABF1502224610F72BC076531E20E3D8C74CE1B73B50A695F6B
Reporter cocaman
Tags:AgentTesla iso


Avatar
cocaman
Malicious email
From: Ranida Wongpiya <ranida@psiquantum.com>
Received: from psiquantum.com (unknown [209.58.149.67])
Date: 30 Jun 2020 14:39:25 -0700
Subject: RFQ - Purchase Order - DRR 30-06-2020
Attachment: Purchase Order - DRR 30-06-2020.iso

Intelligence

File Origin
# of uploads :
1
# of downloads :
72
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Generic-EXE.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/9416ab857761a22a9fa58de901553d9fd7cfc03f2e1f8ab15e552540a8283985/
Threat name:
ByteCode-MSIL.Backdoor.NanoCore
Create hunting rule
Status:
Malicious
First seen:
2020-06-30 07:54:23 UTC
File Type:
Binary (Archive)
Extracted files:
15
AV detection:
18 of 31 (58.06%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=sqlkxblxmgrcvh5frxuqcvj5t7l47qb7fypyvmk6kusubkbihgcq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

iso 9416ab857761a22a9fa58de901553d9fd7cfc03f2e1f8ab15e552540a8283985

(this sample)

AgentTesla

Executable exe 917cb3f1f38601270535643b8f26581f6a19f8e5eeaaf17f84324d186ea95cc4

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 917cb3f1f38601270535643b8f26581f6a19f8e5eeaaf17f84324d186ea95cc4
  
Dropping
AgentTesla
  
Dropping
MD5 58e219ad403001a4225ea30742060060

Comments