MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dfd9fe144072dc24068d59c9423d47ccc5fb7bc8c79c110231904441b9032ef9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: dfd9fe144072dc24068d59c9423d47ccc5fb7bc8c79c110231904441b9032ef9
SHA3-384 hash: 12560352f39460a8c6329349e7329d877d6ed10e0d5166a89cb94be17933ae1c186da2ae1549ea8c2a6dc04b10fb6e81
SHA1 hash: 84c1d99ca680a2d00bba0b8b24acc6a2e7e768c0
MD5 hash: b280041d02d092dc1913014a1770985c
humanhash: chicken-violet-sierra-sixteen
File name:Require Quote.gz
Download: download sample
Signature AgentTesla
Create hunting rule
File size:394'326 bytes
First seen:2020-08-08 07:53:03 UTC
Last seen:Never
File type: gz
MIME type:application/x-rar
ssdeep 6144:GPueJ1JedsZBr9kpA7tPfknSb7Omni0fC/LF7qpiiVtXdxLLO2FCZaFRl29kXVEd:GPfT/ZHoABPsSHtn0MfVdfmwG9kK
TLSH 9684234EEB0455032518F21BCA4A3E15CACF611FEF676AE3FB391D7590EDDEA140089A
Reporter abuse_ch
Tags:AgentTesla gz


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: debbieltd.pw
Sending IP: 104.168.143.233
From: Sales <info@debbieltd.pw>
Subject: Request for Quotation
Attachment: Require Quote.gz (contains "Require Quote.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
63
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/dfd9fe144072dc24068d59c9423d47ccc5fb7bc8c79c110231904441b9032ef9/
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=37m74fcaolocibunlheuepkhztc7w66iy6obcarrsbcedoidf34q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/dfd9fe144072dc24068d59c9423d47ccc5fb7bc8c79c110231904441b9032ef9

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

gz dfd9fe144072dc24068d59c9423d47ccc5fb7bc8c79c110231904441b9032ef9

(this sample)

AgentTesla

Executable exe e710739997bbb4c0aa3dbbc48746cfd22a223b1d136fcdef77817170ed3f3850

  
Dropping
MD5 035bb9708cc97e93f34220d1e24eb21f
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 e710739997bbb4c0aa3dbbc48746cfd22a223b1d136fcdef77817170ed3f3850

Comments