MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c9504347679cac8eb323a5b8138c8d706f8b1e8d4f9704a39da6d73ebc177f71. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



AgentTesla


Vendor detections: 4



SHA256 hash: c9504347679cac8eb323a5b8138c8d706f8b1e8d4f9704a39da6d73ebc177f71
SHA3-384 hash: bfd3343890bd67444c222489fa5b9d4e071d95a8400c0ab0d11339cf54eb0c3613e0a95586b15064c65bbf997d2c73f7
SHA1 hash: 3af6340f4ebb2987d20b71cca33ef475e326f146
MD5 hash: 2f0365cce2d2a082c0f976221f022b29
humanhash: fillet-violet-arizona-lemon
File name: AD1-2001028L.gz
Signature: AgentTesla
File size: 481'308 bytes
First seen: 2020-08-02 18:25:33 UTC
Last seen: 2020-08-02 23:13:15 UTC
File type: gz
MIME type: application/x-rar
ssdeep: 12288:CpC+YjvpDLFc5UQVUs6KPe+RZ1YCqj/+6bpU6R1tl1BKGrW:KIv9m55VUsc+RZ1YlRR1hkGrW
TLSH: 2FA4231DF5B3C568E94655072CDE98A6CFBF2C39C02391E84CF42468ABB957BD30A781
Reporter: jarumlus
Tags: AgentTesla

Intelligence


File Origin
# of uploads: 3
# of downloads: 79
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.CryptInject
Status: Malicious
First seen: 2020-08-02 15:51:51 UTC
AV detection: 15 of 29 (51.72%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

gz c9504347679cac8eb323a5b8138c8d706f8b1e8d4f9704a39da6d73ebc177f71 (this sample)
Dropped by: AgentTesla
Delivery method: Distributed via e-mail attachment
