MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ce9e7e36e0ae40f96fa9e308ffb1d29ba9b223fd3a115cbc9c6572529b13cb88. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



AgentTesla


Vendor detections: 4



SHA256 hash: ce9e7e36e0ae40f96fa9e308ffb1d29ba9b223fd3a115cbc9c6572529b13cb88
SHA3-384 hash: 9c503a551a1573146690a8cfeb031d2c4e6a5d7839c1af60f5d795ef6fe4fb4528c68a16e97d858f4ff637921611b858
SHA1 hash: 8716d59e8668ef2f4587dd1d809c9a5d850591a1
MD5 hash: 7b36bb7df65d1dee670e4161efd8f4a2
humanhash: violet-colorado-autumn-batman
File name: QUOTE 008331.pdf.gz
Signature: AgentTesla
File size: 450'751 bytes
First seen: 2020-07-31 05:29:30 UTC
Last seen: Never
File type: gz
MIME type: application/x-rar
ssdeep: 12288:bHw/rmb4mmOqsyp+fKmnS8RGlkxcYEXFATMjDh:Lwjm8Uqs33fKk+1ATMJ
TLSH: 47A423A4675AC8A141DAB00A3EE1CEF27B52C8B84ECB5E4CFD217F5D78C46BA2513705
Reporter: cocaman
Tags: AgentTesla gz


cocaman
Malicious email
From: Zhang Ping <sales@dtpower.com>
Received: from dtpower.com (unknown [209.58.149.97])
Date: 31 Jul 2020 03:24:24 -0700
Subject: TOP URGENT SUPPLY -QUOTE008331
Attachment: QUOTE 008331.pdf.gz

Intelligence


File Origin
# of uploads: 1
# of downloads: 68
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.AgentTesla
Status: Malicious
First seen: 2020-07-31 05:31:04 UTC
AV detection: 16 of 29 (55.17%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

gz ce9e7e36e0ae40f96fa9e308ffb1d29ba9b223fd3a115cbc9c6572529b13cb88

(this sample)

  
Delivery method: Distributed via e-mail attachment
Dropping: AgentTesla
