MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 24c6497403147b55bdbb2d9da0250becb98b740598fc8afe35e8837ecf8f4c06. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 24c6497403147b55bdbb2d9da0250becb98b740598fc8afe35e8837ecf8f4c06
SHA3-384 hash: 3a7662db986e9c783e6bddd9ee9e44ec473ee3776f770d468aebf90505e7768a0186289d84cf60d7a9f101e3178a5413
SHA1 hash: 7ebcd550a6cfd9385c4d1a6cfa09384bdc6000a6
MD5 hash: 0fca004336e9ef5a1912b14ed469ac03
humanhash: undress-steak-georgia-colorado
File name:Seashore Group Order.zip
Download: download sample
Signature AgentTesla
Create hunting rule
File size:362'511 bytes
First seen:2020-12-09 11:01:18 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 6144:rTJ6Kb2PYyiIciFSo8mpqh8dUIq2w0QS0KzxXK4OVv/ZZxLHyj/4COt8:nJ6s6VcUl8oqhaqfVS0QKHZZ5q/4nt8
TLSH 3374234EDDC73204037472E0EBC5AC8BD652B988B48DD6EF5D16E5606F1A1853EEAC83
Reporter abuse_ch
Tags:zip


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: interia.pl
Sending IP: 213.227.155.6
From: b.mleczko@interia.pl
Subject: Seashore Group Order
Attachment: Seashore Group Order.zip (contains "Seashore Group Order.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
108
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Heur.3295.13555.UNOFFICIAL
Create hunting rule

Result
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/24c6497403147b55bdbb2d9da0250becb98b740598fc8afe35e8837ecf8f4c06/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=etdes5adcr5vlpn3fwo2ajil5s4yw5aftd6iv7rv5cbx5t4pjqda._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/24c6497403147b55bdbb2d9da0250becb98b740598fc8afe35e8837ecf8f4c06

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

zip 24c6497403147b55bdbb2d9da0250becb98b740598fc8afe35e8837ecf8f4c06

(this sample)

AgentTesla

Executable exe f3ba2b7b17b659d41e6794dc0aeae05bb1d3f5d21dad10d5064e24f85bde7b22

  
Dropping
MD5 4cf21eb60d36bf3e3afd5eaefb6f2fc8
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 f3ba2b7b17b659d41e6794dc0aeae05bb1d3f5d21dad10d5064e24f85bde7b22

Comments