MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 01622d6706941548280fd5ae0549112894c342ed7cd605e22b50522ec8bf2b77. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 01622d6706941548280fd5ae0549112894c342ed7cd605e22b50522ec8bf2b77
SHA3-384 hash: 23a45b12345e93228d80670c8b68e863a15bb4358e5989ae286da786b2ee28fbde949dcf4b460c0967426e5da259fe71
SHA1 hash: d6da9587418f7530b9563e8038e50dc8f3d71549
MD5 hash: c4e3baafc9f376edfce73c9cbd66401f
humanhash: undress-cold-quebec-connecticut
File name:c4e3baafc9f376edfce73c9cbd66401f.exe
Download: download sample
Signature AgentTesla
Create hunting rule
File size:1'159'572 bytes
First seen:2021-01-29 08:30:31 UTC
Last seen:2021-01-29 10:54:59 UTC
File type:Executable exe
MIME type:application/x-dosexec
ssdeep 12288:GiAUDIAQuXhOH6dh/2frMP0uNYwoPIpSWTJLejmm:GrUkuXhS6dwxuSPWT5eCm
TLSH B635868C9CAEC0CB86350F9896CED9EA46DA4FF30F229879B5C98BC7C534346F506525
Reporter abuse_ch
Tags:AgentTesla exe

Intelligence

File Origin
# of uploads :
2
# of downloads :
127
Origin country :
n/a
Vendor Threat Intelligence
Malware family:
n/a
ID:
1
File name:
c4e3baafc9f376edfce73c9cbd66401f.exe
Verdict:
No threats detected
Analysis date:
2021-01-29 08:34:49 UTC
Tags:
n/a
Link:
https://app.any.run/tasks/017238e1-4e7f-4576-8351-4b787c034040

Note:
ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample
Detection:
n/a
Link:
https://www.capesandbox.com/analysis/114659/
Detection(s):
SecuriteInfo.com.BehavesLike.Win32.Generic.tm.10723.UNOFFICIAL
Create hunting rule

Result
Verdict:
Clean
Maliciousness:
Result
Threat name:
Unknown
Detection:
malicious
Classification:
n/a
Score:
52 / 100
Link:
https://www.joesandbox.com/analysis/593664
Signature
Machine Learning detection for sample
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/01622d6706941548280fd5ae0549112894c342ed7cd605e22b50522ec8bf2b77/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=afrc2zygsqkuqkap2wxaksirfckmgqxnptlalyrlkbjc5sf7fn3q._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/210129-ykvqn9v9tj/
Unpacked files
SH256 hash:
01622d6706941548280fd5ae0549112894c342ed7cd605e22b50522ec8bf2b77
MD5 hash:
c4e3baafc9f376edfce73c9cbd66401f
SHA1 hash:
d6da9587418f7530b9563e8038e50dc8f3d71549
Link:
https://www.unpac.me/results/57e0e954-e6fa-4b58-87d5-d53b6227fde2/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.14
Link:
https://yomi.yoroi.company/submissions/01622d6706941548280fd5ae0549112894c342ed7cd605e22b50522ec8bf2b77

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

AgentTesla

Executable exe 01622d6706941548280fd5ae0549112894c342ed7cd605e22b50522ec8bf2b77

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/978558/
  
Delivery method
Distributed via web download
Cape
Cape
https://www.capesandbox.com/analysis/114659/

Comments