MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fed48c890f099eb9fa6868624f305964cb456fbbba0b4c9444c49fafba35bbf5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: fed48c890f099eb9fa6868624f305964cb456fbbba0b4c9444c49fafba35bbf5
SHA3-384 hash: fb5bc1291738c112dbaa1ceb35cad560f1019931db10e6888bb7c39abf135e5671784633cebd9450b84ddcc319b880c9
SHA1 hash: 14d91e2647e6c3644866eedd85a9449bc8540a4c
MD5 hash: 3f8b1bab104e7add676145dbe3dd4c54
humanhash: autumn-ten-diet-kilo
File name:Payment-inv Pdf.lzh
Download: download sample
Signature AgentTesla
Create hunting rule
File size:588'695 bytes
First seen:2020-08-31 09:17:46 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:IobfDm1QPJxiMAqBRZpOhMI/sUXPB59zrklqkR1TuO:xbfHJxxfIuU/B59XM1aO
TLSH 09C42360C8D3F7216D163FCE3FFA0B5D05530FAE71E40943A6ABD4349689572AC5B889
Reporter abuse_ch
Tags:AgentTesla lzh Outlook


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: EUR05-AM6-obe.outbound.protection.outlook.com
Sending IP: 40.92.91.46
From: Jose Pelaez <desguacespelaez@hotmail.com>
Subject: Payment-20519953MXC_Invoice AR4964348
Attachment: Payment-inv Pdf.lzh (contains "8JVksjPpTQe3cej.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
74
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/fed48c890f099eb9fa6868624f305964cb456fbbba0b4c9444c49fafba35bbf5/
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=73kizcipbgplt6tinbre6mczmtfuk353xifuzfceysp27orvxp2q._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/fed48c890f099eb9fa6868624f305964cb456fbbba0b4c9444c49fafba35bbf5

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar fed48c890f099eb9fa6868624f305964cb456fbbba0b4c9444c49fafba35bbf5

(this sample)

AgentTesla

Executable exe 99d5312ed790ae1cc69b6965f33f193863e3f4cec084ddf24b6d3722dd926d8d

  
Dropping
MD5 369a7128bae6f603d8d37e139beff1e3
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 99d5312ed790ae1cc69b6965f33f193863e3f4cec084ddf24b6d3722dd926d8d

Comments