MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 274045e9d4beb3254dbd11d48c8c63115f00b72ba93a17513898ba472d6d969f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 3
| SHA256 hash: | 274045e9d4beb3254dbd11d48c8c63115f00b72ba93a17513898ba472d6d969f |
|---|---|
| SHA3-384 hash: | 89af57dcbc41ded93ca088e825f99cf54e71739d96f7061225115073a5c4f7aa27837ead16fafb2cbb9e792ff6cd4728 |
| SHA1 hash: | 211d070df90e7486497978eed1ea6652cd32d68b |
| MD5 hash: | 865627260cc07893d66162fd175dd8e9 |
| humanhash: | earth-five-black-berlin |
| File name: | MT103 Single Customer Credit Transfer Copy.img |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 1'900'544 bytes |
| First seen: | 2021-03-16 06:29:22 UTC |
| Last seen: | 2021-03-17 08:31:08 UTC |
| File type: | img |
| MIME type: | application/x-iso9660-image |
| ssdeep | 12288:XjGXOtIh0RToVGQCSb3JUyB/Zz3usl8hdMQ5yLUR5IJIKXFlqq8J3v5A3UYkCVXU:wUyBxusCDRTYU9cUiXdklf+C |
| TLSH | E895F85127846E24E27A43B04C35A519D7FDBA7BD338C4BCBE9F328B0B66A414573623 |
| Reporter | |
| Tags: | AgentTesla img SWIFT |
cocaman
Malicious email (T1566.001)From: "Piero Munari <Piero.Munari@unicreditgroup.eu>" (likely spoofed)
Received: "from unicreditgroup.eu (unknown [103.151.123.17]) "
Date: "15 Mar 2021 20:22:03 -0700"
Subject: "Payment Swift Copy Notification From UniCredit Bank S.p.A"
Attachment: "MT103 Single Customer Credit Transfer Copy.img"
Intelligence
File Origin
# of uploads :
4
# of downloads :
113
Origin country :
n/a
Vendor Threat Intelligence
Result
Verdict:
MALICIOUS
Detection(s):
Malicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Suspicious File
Score:
0.40
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
Delivery method
Distributed via e-mail attachment
Dropping
AgentTesla
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.