MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 e34700fc026c49af30ecbe4a423a8168a5cfdd5fd9ce71c63379f5c1b7e3a438. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: e34700fc026c49af30ecbe4a423a8168a5cfdd5fd9ce71c63379f5c1b7e3a438
SHA3-384 hash: dfd9662beabede788eb9c66fa5ae756e684b83ba61c4571c68f7edd000946e4ad3a80f55f0a56c59e0a63f3c5603e21d
SHA1 hash: cb254d9e79e0983f4aad7602119623af40562eab
MD5 hash: 064264811b25f7780bbe6d98cb7ae2f9
humanhash: spaghetti-river-fix-queen
File name:Outstanding payment.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:894'578 bytes
First seen:2020-06-04 17:39:07 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 24576:We9q/1HB4qAdXHnIysEZZcymdNGKwTqUeH8YbJnjSJFZW:V45B4qAZnIwmiKeqUeH8YtjSFM
TLSH 43153379BCED979657F03FE83B688C213D0B5E98B6F2446699D820BC5179FE0838C614
Reporter abuse_ch
Tags:AgentTesla rar


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: uzlinshpl01.uzcloud.uz
Sending IP: 185.74.4.8
From: Project manager <alejandra.seguracruz@grupogarel.com>
Reply-To: oliviamiller878@gmail.com
Subject: Pending Request
Attachment: Outstanding payment.rar (contains "bpDzzkBTSTZP6Ou.exe")

AgentTesla SMTP exfil server:
mail.flood-protection.org:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
64
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=4ndqb7acnre26mhmxzfeeoubncs47xk73hhhdrrtph24dn7duq4a._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar e34700fc026c49af30ecbe4a423a8168a5cfdd5fd9ce71c63379f5c1b7e3a438

(this sample)

AgentTesla

Executable exe b461e2c2a90c171e0aab4cabf499c7fca2704c45748f238b0ea54252c34844ed

  
Dropping
MD5 39377c5044fae670e16bc41a6e09afd8
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 b461e2c2a90c171e0aab4cabf499c7fca2704c45748f238b0ea54252c34844ed

Comments