MalwareBazaar Database
This page shows some basic information the YARA rule AgentTesla_HighConfidence including corresponding malware samples.
Database Entry
| YARA Rule: | AgentTesla_HighConfidence |
|---|---|
| Author: | Arrbat |
| Description: | High-confidence detection using unique .NET loader/reflection stubs (Moonshine), NSIS manifests, specific typo/junk strings, and repeating patterns from observed samples. Low FP. |
| Firstseen: | 2026-05-03 13:25:09 UTC |
| Lastseen: | 2026-05-04 06:03:13 UTC |
| Sightings: | 7 |
Malware Samples
The table below shows all malware samples that matching this particular YARA rule (max 1000).
| Firstseen (UTC) | SHA256 hash | Tags | Signature | Reporter |
|---|