MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 323c4abef29edede440a13b567e72757e36cb0c5185240b6953e081e0d2826ea. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



AgentTesla


Vendor detections: 3



SHA256 hash: 323c4abef29edede440a13b567e72757e36cb0c5185240b6953e081e0d2826ea
SHA3-384 hash: 172fc1e28cc89db03fc7d749a3d82ed1e2183ae2392b7465fac0a746a6d5d54546e1e593ebc8f47735445aee1d091e93
SHA1 hash: 50679043599dd2c0d82600db0fde1986ac1848e4
MD5 hash: 638cb2844f7ecdf169942b6fc826bf00
humanhash: music-blue-fish-glucose
File name: Doc310228PDF.img
Signature: AgentTesla
File size: 1'835'008 bytes
First seen: 2020-08-19 10:11:40 UTC
Last seen: Never
File type: img
MIME type: application/x-iso9660-image
ssdeep: 12288:2L2ruLxjlaqIquwb7tgwPwKB8VVViOuvhB/QOM5smgYp:+FjJTuwvKowKyVMRlM5sR
TLSH: 4D85D6242B4144E4DB280A70707949D363327DCE3B6AC73E699E36E9DE7358B361E1C9
Reporter: abuse_ch
Tags: AgentTesla img


abuse_ch
Malspam distributing AgentTesla:

From: "Smart Tech Director" <admin@smarttech.me>
Subject: Re: RFQ MOTORS
Attachment: Doc310228PDF.img (contains "310228xls.scr")

Intelligence


File Origin
# of uploads: 1
# of downloads: 63
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.AgentTesla
Status: Malicious
First seen: 2020-08-18 23:42:11 UTC
AV detection: 13 of 29 (44.83%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

img 323c4abef29edede440a13b567e72757e36cb0c5185240b6953e081e0d2826ea (this sample)

  
Dropping: AgentTesla
Delivery method: Distributed via e-mail attachment

Comments