MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d83e28dc4dfc5819bf9dd0f4939fe42069ba4c66fb5fa1c76c05b416cec2cc0d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

AgentTesla

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	d83e28dc4dfc5819bf9dd0f4939fe42069ba4c66fb5fa1c76c05b416cec2cc0d
SHA3-384 hash:	e27b1a312e2819376a3265b3775d586f2e0de39c0eb7674fb76d67d5a3fe2841fdb6849391cfcc7762201c58768e3a48
SHA1 hash:	b76644af675330705c04d9072a7a80e123c96f46
MD5 hash:	19867dcb81afe6cf41dbc5d2b57a0a83
humanhash:	twelve-solar-eight-apart
File name:	ZDXCD.zip
Download:	download sample
Signature	AgentTesla Create hunting rule
File size:	514'837 bytes
First seen:	2020-08-14 10:13:09 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	12288:A40nActnImJWK/zsa32pwgzwA8gCdctGyjtIIvGg7d2VS:A4EvNnJWsz1ewY1idctFjD4w
TLSH	B8B4230F69CE8F92D70FCA6E18D58CEA673EE5556F14440AADAE31781C6C3670903EC2
Reporter	abuse_ch
Tags:	AgentTesla zip

abuse_ch

Malspam distributing unidentified malware:

HELO: smtp2.hiworks.co.kr
Sending IP: 121.254.168.210
From: Hossain Sanuar <hsanuar_pd@wontradingbd.com>
Reply-To: "Hossain Sanuar" <hsanuar_pd@wontradingbd.com>
Subject: RE: URGENT INQUIRY ORDER
Attachment: ZDXCD.zip (contains "ZDXCD.exe")