MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 1cde71bea7b12085fbe50e7f11afee55f7dcd6128b3f97a4d888436b19d4c2ea. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



AgentTesla


Vendor detections: 5



SHA256 hash: 1cde71bea7b12085fbe50e7f11afee55f7dcd6128b3f97a4d888436b19d4c2ea
SHA3-384 hash: cfc061fe0e73884c16a64c638481a05aa20f5a111660c81b1991bfabc92d313b4a41651097eea4d88374a119c1215e2e
SHA1 hash: a55e870773e06b832db34eb42ebd660113762107
MD5 hash: ea6f99713059b1e226b03cf163ee92f5
humanhash: sad-jig-item-nitrogen
File name: a1_mnb.exe
Signature: AgentTesla
File size: 80'896 bytes
First seen: 2020-07-23 09:02:33 UTC
Last seen: Never
File type: DLL dll
MIME type: application/x-dosexec
imphash: dae02f32a21e03ce65412f6e56942daa (123 x YellowCockatoo, 60 x CobaltStrike, 44 x JanelaRAT)
ssdeep: 1536:GQkSL3SBkPiXt/HojzgfVTuEqC61qMaoRKZIN53b2HqnL:iW3SBkPat/HSItuEqC6EMZKZm53bqqL
Threatray: 55 similar samples on MalwareBazaar
TLSH: 7F836B42779A0715E95891F280EF0D2403E6EBCA3AF3E75A7D8D62DD4E02391BF41B49
Reporter: oppimaniac
Tags: AgentTesla

Intelligence


File Origin
# of uploads: 1
# of downloads: 70
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Clean
Maliciousness:
Threat name: ByteCode-MSIL.Trojan.Perseus
Status: Suspicious
First seen: 2020-07-22 20:20:10 UTC
AV detection: 5 of 29 (17.24%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: n/a
Please note that we are no longer able to provide a coverage score for VirusTotal.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Comments