MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 99fb8c3c2f8e9e5df1d9821fac4dfb82d58475c31c94d2148a5564400f33545a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 99fb8c3c2f8e9e5df1d9821fac4dfb82d58475c31c94d2148a5564400f33545a
SHA3-384 hash: da004ebe48bf64b7fd2b4251327b240fa43b413255fbeaa03d9aa962a00a946a966f16521f95b3100e99413c8c95e7c7
SHA1 hash: c0d4d0b033454d78f286412c58a4e25703fc583c
MD5 hash: 90bc75f02ffa7aa62d995e90c4210830
humanhash: pizza-crazy-oven-sixteen
File name:SAMPLE ORDER INQUIRY.Z
Download: download sample
Signature AgentTesla
Create hunting rule
File size:438'064 bytes
First seen:2020-04-30 07:53:54 UTC
Last seen:2020-04-30 07:54:11 UTC
File type: z
MIME type:application/x-rar
ssdeep 12288:iRJK7Wu1V7wX8OeObBf5xiIRpeswVT7WY9bywdA:iPNu77wXDekBf5xiWp/A9ywW
TLSH C29423B0C2DB10979B7FB96847B2B388EC71E01F6D5DC90B154214FD8246389EEBA961
Reporter abuse_ch
Tags:AgentTesla z


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: quickwhip.com.au
Sending IP: 212.83.46.23
From: Liandra<sales@quickwhip.com.au>
Subject: REVERSED SAMPLE ORDER
Attachment: SAMPLE ORDER INQUIRY.Z (contains "SAMPLE ORDER INQUIRY.exe")

Intelligence

File Origin
# of uploads :
2
# of downloads :
82
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Trojan.Kryptik
Create hunting rule
Status:
Malicious
First seen:
2020-04-29 22:13:09 UTC
File Type:
Binary (Archive)
Extracted files:
4
AV detection:
24 of 48 (50.00%)
Threat level:
  2/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=th5yypbpr2pf34ozqip2ytp3qlkyi5oddsknefekkvseadztkrna._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

z 99fb8c3c2f8e9e5df1d9821fac4dfb82d58475c31c94d2148a5564400f33545a

(this sample)

AgentTesla

Executable exe 5ce34d5704ba5ff7da8ea8b1da109e228dbb7c0b53550e76fa545796a9a0cb54

  
Dropping
MD5 7de883241847d359d051e9f5c5025c68
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 5ce34d5704ba5ff7da8ea8b1da109e228dbb7c0b53550e76fa545796a9a0cb54

Comments