MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 39afc3052f57d86b3b3f5afa05b63f9b7d30e79728efccf15ec27e4f340ecf05. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 39afc3052f57d86b3b3f5afa05b63f9b7d30e79728efccf15ec27e4f340ecf05
SHA3-384 hash: c5038165608eeb1d368fb694517100752d621674b4fe53f1ec12e4761c0a630fd4263f7f835854172a8ccca2d8109369
SHA1 hash: fd2f35b8bc3b816a0f6f4dcd71edf6e99a147c81
MD5 hash: 1fca3ce0cc6c412e62a0a2f572310a04
humanhash: nine-princess-sink-high
File name:Order List & IMGS_DANI Group.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:265'487 bytes
First seen:2020-09-30 05:29:08 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:iLekcCc9QpFn45hU7A8TVMJQJbwW3gxYxKXiqAQHiz:8BDdLn45mPmJQBYiHz
TLSH 144423FFA1AA73EA37D1FF6FDAE0E00811F6EE3191541C2C926198397061DA8D7E1251
Reporter cocaman
Tags:AgentTesla rar


Avatar
cocaman
Malicious email (T1566.001)
From: "Marcelo Aberdeen<aberdeen@quartzelec.com>"
Received: "from quartzelec.com (unknown [108.62.118.251]) "
Date: "29 Sep 2020 20:02:55 -0700"
Subject: "New Order Inquiry Grupo Dani Chile"
Attachment: "Order List & IMGS_DANI Group.rar"

Intelligence

File Origin
# of uploads :
1
# of downloads :
89
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
SecuriteInfo.com.Heur.3547.23284.UNOFFICIAL
Create hunting rule

Detection:
n/a
Link:
https://mwdb.cert.pl/sample/39afc3052f57d86b3b3f5afa05b63f9b7d30e79728efccf15ec27e4f340ecf05/
Threat name:
Win32.Trojan.Generic
Create hunting rule
Status:
Suspicious
First seen:
2020-09-30 00:08:53 UTC
File Type:
Binary (Archive)
Extracted files:
4
AV detection:
6 of 48 (12.50%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=hgx4gbjpk7mgwoz7ll5alnr7tn6tbz4xfdx4z4k6yj7e6naoz4cq._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/39afc3052f57d86b3b3f5afa05b63f9b7d30e79728efccf15ec27e4f340ecf05

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 39afc3052f57d86b3b3f5afa05b63f9b7d30e79728efccf15ec27e4f340ecf05

(this sample)

AgentTesla

Executable exe cbc1369ce8647d37acabe75a2a8b62f771d0e2f803f0c5eb04e807a1603426e4

  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 cbc1369ce8647d37acabe75a2a8b62f771d0e2f803f0c5eb04e807a1603426e4
  
Dropping
AgentTesla

Comments