MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 10b29911c8531578cb5d7001179e8c4ef7c3d608d50fca7625ea82cf5b49dec1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 10b29911c8531578cb5d7001179e8c4ef7c3d608d50fca7625ea82cf5b49dec1
SHA3-384 hash: 38e6d9a063728e02933acff647bed1a04f1af1fe82dd7213cfff7f762e67a905ec808e887620548dfafd6be8fe251146
SHA1 hash: a7a9a4f47449c30e39c262063629dc9d9f07766f
MD5 hash: 4b4066a8c40c670bbc6cb5168959c7e5
humanhash: tennis-paris-mirror-mobile
File name:11065-AMM0000557423-736065949.7z
Download: download sample
Signature AgentTesla
Create hunting rule
File size:411'368 bytes
First seen:2020-05-20 06:49:29 UTC
Last seen:Never
File type: 7z
MIME type:application/x-rar
ssdeep 12288:YpPAayG5u8KIG4lQ9bVk/6znko+rq5YEjHUqUtAgtjCWze:Y+G5u8VGw8xoMkoc40qnWFa
TLSH 509423E7C4DE5A503CD3E84E0138F9A8626D7E670288277E2F5B20E8B31DD8D54254AB
Reporter abuse_ch
Tags:7z AgentTesla geo IND


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: mail.cleaning-it.hu
Sending IP: 85.90.162.23
From: Aruna Kochhar <arunakochhar4@gmail.com>
Subject: लोडिंग के लिए दस्तावेज
Attachment: 11065-AMM0000557423-736065949.7z (contains "11065-AMM0000557423-736065949.exe")

AgentTesla SMTP exfil server:
mail.elhelado.com.mx:587

Intelligence

File Origin
# of uploads :
1
# of downloads :
83
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Trojan.Agensla
Create hunting rule
Status:
Malicious
First seen:
2020-05-20 07:36:29 UTC
File Type:
Binary (Archive)
Extracted files:
4
AV detection:
19 of 48 (39.58%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=cczjseoikmkxrs25oaarphumj334hvqi2uh4u5rf5kbm6w2j33aq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

7z 10b29911c8531578cb5d7001179e8c4ef7c3d608d50fca7625ea82cf5b49dec1

(this sample)

AgentTesla

Executable exe e390ee24fef5920157d9c28af8d232cd542f30b193481fef6fffb007631f374b

  
Dropping
MD5 39b71dd0dc801e89e04f0d2b3824b55f
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 e390ee24fef5920157d9c28af8d232cd542f30b193481fef6fffb007631f374b

Comments