MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cf8c28ee083ae7bfbcc770260baf9e30e25e2668667680607b2d524840d26d66. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: cf8c28ee083ae7bfbcc770260baf9e30e25e2668667680607b2d524840d26d66
SHA3-384 hash: 7f6371d1607613e0e07a86ff52babb8ed2fbd5c41e80c9a59de1d6f42c3ae4e6acc6b5b0d96d2464fa8d90e84e7d4fcf
SHA1 hash: b344d6df9be360e79db224c7901532df9c92ab56
MD5 hash: 48deff6d7c34437486b00e1f52e9b52c
humanhash: violet-coffee-alanine-stream
File name: DOC.7z
Signature: n/a
File size: 768'716 bytes
First seen: 2020-08-01 07:52:32 UTC
Last seen: Never
File type: 7z
MIME type: application/x-7z-compressed
ssdeep: 12288:lVw5UByCklOPaPVN/XdqKps/Ys4UQZ/hsUrCS8n5Rshn6Eonl+26i5zN:lVw64OKN/NLqgsgh/Vfh6E45x
TLSH: E9F4236D0E0D7E29E04B61716E1962BEDA9ECC4648FD9020B05DFD9095F2F8398F137A
Reporter: @jarumlus
Tags: AgentTesla

Intelligence


File Origin
# of uploads: 1
# of downloads: 41
Origin country: FR

Mail intelligence
Geo location: CH Switzerland; Volume: Low
Geo location: Global; Volume: High
Geo location: NL Netherlands; Volume: Low

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Kryptik
Status: Malicious
First seen: 2020-08-01 07:54:06 UTC
AV detection: 20 of 48 (41.67%)
Threat level: 5/5

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

7z cf8c28ee083ae7bfbcc770260baf9e30e25e2668667680607b2d524840d26d66 (this sample)

Dropped by: AgentTesla
Delivery method: Distributed via e-mail attachment
