MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 35dee3416f89fcbeebfe90cf22cdf495c1e6e21858491541afa065d70f5aaf2b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

AgentTesla

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	35dee3416f89fcbeebfe90cf22cdf495c1e6e21858491541afa065d70f5aaf2b
SHA3-384 hash:	e5ff5f8ac31e686f9501c42c11c2938fb3d5212b35b438cdb49df642ebe8e4d8abbb6d510541f6957644bd3b69b41c69
SHA1 hash:	8e4fd598636f06c7f38e4cffb89241858c59c0de
MD5 hash:	51f5fdd458022f288004a42b63ffe39e
humanhash:	victor-shade-neptune-juliet
File name:	INVOICE.zip
Download:	download sample
Signature	AgentTesla Create hunting rule
File size:	1'411'046 bytes
First seen:	2020-09-23 16:11:46 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	24576:3mhcztU5nT/Jkra0pLfeEdWSWjnFtLIIJr2WovQg6nQ7a5MvH6S83ff2V/:gcztk/O+0pLOSEFlvppQ7EGHH8K/
TLSH	18653365CE2A4188B0532797FA522E6FBE3C353850627ADADFC5C6E5EDD01C81C4A31E
Reporter	cocaman
Tags:	AgentTesla zip

cocaman

Malicious email (T1566.001)
From: "Liu <naga@tmy.co.jp>"
Received: "from tmy.co.jp (unknown [172.241.27.7]) "
Date: "23 Sep 2020 09:11:05 -0700"
Subject: "=?UTF-8?B?562U5aSNOiDnrZTlpI06IElOVk9JQ0UgQ09ORklSTUFUSU9O?="
Attachment: "INVOICE.zip"