MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a7c6fc14d15572b512599f5335aa853f77cd5ef3a43b9f82c93dc9c7e414443a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a7c6fc14d15572b512599f5335aa853f77cd5ef3a43b9f82c93dc9c7e414443a
SHA3-384 hash: f053ad194b13206892f14cacc998935c1bfecbcc66e72187a5fdd2834f5c3ef87a029804b090e4046947038880fcf89b
SHA1 hash: 4d80c53326383cadf05281c685eb18bcc26a2a42
MD5 hash: 28c886f5a5d9d25b97633dfa14fded47
humanhash: skylark-ohio-muppet-lactose
File name:RERESHIPPING DOCUMENTS.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:929'871 bytes
First seen:2020-06-18 17:21:40 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 24576:7V87TUvLNu0Ic6YrVUCxhn/hVJxjT5fXnMDByFhuc8mUkpbt:7iITLprVUenzJxJPn6M/78Jkph
TLSH 1B153394A56377024847B7F26ECBA1B0381079BC133A5E52CE64DB1D9AEBCB46D0C771
Reporter abuse_ch
Tags:AgentTesla rar


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: dotsmail.itsoul.com
Sending IP: 107.6.134.141
From: support@dhl.com
Subject: SHIPPING DOCUMENTS
Attachment: RERESHIPPING DOCUMENTS.rar (contains "RERESHIPPING DOCUMENTS.exe")

AgentTesla SMTP exfil server:
mail.deepakengineers.co.in:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
74
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
Win32.Trojan.Wacatac
Create hunting rule
Status:
Malicious
First seen:
2020-06-18 17:35:27 UTC
AV detection:
16 of 28 (57.14%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=u7dpyfgrkvzlkeszt5jtlkufh5342xxtuq5z7awjhxe4pzauiq5a._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar a7c6fc14d15572b512599f5335aa853f77cd5ef3a43b9f82c93dc9c7e414443a

(this sample)

AgentTesla

Executable exe cd77bc5bc1a62f613db72dca020f3fb093577ae47eb74917baba6a69f1a07389

  
Dropping
MD5 4b84df939fc77afc1ea99bbe2c78ba71
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 cd77bc5bc1a62f613db72dca020f3fb093577ae47eb74917baba6a69f1a07389

Comments