MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 b2a4ddf642823d73d39565f39d89e2f8787d5efe9aa99058a5279d6e998a440c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 2
| SHA256 hash: | b2a4ddf642823d73d39565f39d89e2f8787d5efe9aa99058a5279d6e998a440c |
|---|---|
| SHA3-384 hash: | e7b5fa1dfe161de6ec9484ed13925fb29058741eca028cab10dc092704b8d13ac95a78dc6746a482cc98b313fa41c2b1 |
| SHA1 hash: | 2e9d5983e96a42e5f1e977ebc572984be0d34e52 |
| MD5 hash: | ce9cf50c5f8539d03ed929e2d2485f3b |
| humanhash: | princess-thirteen-hot-colorado |
| File name: | PaymentSwiftCopy_pdf.ace |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 425'016 bytes |
| First seen: | 2020-06-09 05:00:31 UTC |
| Last seen: | 2020-06-09 06:33:16 UTC |
| File type: | ace |
| MIME type: | application/octet-stream |
| ssdeep | 12288:2EiVQuNO5AgIMBWqj0WkMtyFH6GUtoUjI6iHtc6z:IQL5AgIMB7tCFH6GEjIDX |
| TLSH | AB94232329C3CFF4C96A5D1E071748C52AFC97CFA464423F86A19CCB4EE99E905D09B9 |
| Reporter |  jarumlus |
Intelligence
File Origin
# of uploads :
2
# of downloads :
58
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Status:
Malicious
First seen:
2020-06-09 05:02:05 UTC
AV detection:
13 of 28 (46.43%)
Threat level:
5/5
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.