MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3345a4c46fec18ca55f32a05404a2ffdafdb6de93b000a1881da387e17a50b42. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 2 Yara Comments

SHA256 hash: 3345a4c46fec18ca55f32a05404a2ffdafdb6de93b000a1881da387e17a50b42
SHA3-384 hash: 3f323b4a0d228a511ca2e074a3e1b024115e1f9091d7a260394d293acd886a7393095e776da460edb012f500af808b82
SHA1 hash: e554c8046d6cf6039e457bc4167571ce748be69a
MD5 hash: 3b1746728917ea3e5ba991574726be00
humanhash: five-fruit-tango-undress
File name:Payment
Download: download sample
Signature AgentTesla
File size:393'316 bytes
First seen:2020-06-30 10:58:41 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 6144:nv+yZBGmZ3fq/b3nohLfOVf6mV63mbvMhKQ6tCjhTldVB+OSxi1:nvy6f80hrOVf6DaMgQb+OSy
TLSH 0084236EB330630344789507D0246A61D1DA3071B18373B21EB33896EF5BE5AF596AEF
Reporter @jarumlus


Mail intelligence
Trap location Impact
IT Italy Low
CH Switzerland Low
Global High
NL Netherlands Low
# of uploads 1
# of downloads 26
Origin country FR FR
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Kryptik
First seen:2020-06-30 09:55:17 UTC
AV detection:24 of 48 (50.00%)
Threat level:   2/5
Spamhaus Hash Blocklist :Malicious file
VirusTotal:Virustotal results 19.70%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



zip 3345a4c46fec18ca55f32a05404a2ffdafdb6de93b000a1881da387e17a50b42

(this sample)

Dropped by
Delivery method
Distributed via e-mail attachment