MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3c82fbd85a69de84fc7cb404bdd1cb849925a7b6b1053a6572cfb2b610a93a39. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 4 Yara Comments

SHA256 hash: 3c82fbd85a69de84fc7cb404bdd1cb849925a7b6b1053a6572cfb2b610a93a39
SHA3-384 hash: 1b57b22d3584e31508a5e8d2949e0cb0a9f53b2d94d485c4d87a63c9b1e5102f93fa586f789015060308e442a951eda7
SHA1 hash: 121e499e586fa793ca6d8ee2fff42ff4df9009cc
MD5 hash: d141b9a85cc5e2bfbb5ee251fca97dc7
humanhash: white-beer-fish-alaska
File name:AWB DHL 6357297368.rar
Download: download sample
Signature AgentTesla
File size:374'739 bytes
First seen:2020-07-01 01:13:38 UTC
Last seen:2020-07-01 03:39:46 UTC
File type: rar
MIME type:application/x-rar
ssdeep 6144:huKP+/xDmj7RiUvN/BafYWXNpVrlO8+f19sEgJvUXjdZqrbiXigzF6dnZMPCeQQL:UhMj7Yo5BaAWjRlm9s7GJigJ6dnZMPgA
TLSH 5B84234487BE8617219856697BB67E36819A1CFEF3E0CCE6CB95CAC4B081005F846FF4
Reporter @jarumlus


Mail intelligence
Trap location Impact
CH Switzerland Low
Global High
# of uploads 2
# of downloads 24
Origin country US US
ClamAV No detection
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Androm
First seen:2020-06-30 09:51:44 UTC
AV detection:20 of 48 (41.67%)
Threat level:   2/5
Spamhaus Hash Blocklist :Malicious file
VirusTotal:Virustotal results 4.92%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



rar 3c82fbd85a69de84fc7cb404bdd1cb849925a7b6b1053a6572cfb2b610a93a39

(this sample)

Dropped by
Delivery method
Distributed via e-mail attachment