MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3dd33674755654a3dc5e182bc04bd1d4bc96cdeec6c1a201819b113e98922b58. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 11


Intelligence 11 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3dd33674755654a3dc5e182bc04bd1d4bc96cdeec6c1a201819b113e98922b58
SHA3-384 hash: f14985a6b8e1850afcefaaf29b1c588782d142c2d74501218a8c7b4c51a9ee1f87ee2806ab037f3c755b142bbcebff24
SHA1 hash: b1b385047ead2e252e9152fe5ce8e9f8523ca8c9
MD5 hash: 5c40e273901403756f3ebff955ca5b0c
humanhash: leopard-enemy-pasta-four
File name:f9sd9fd0809g7sd8f789g73438g97dsf8g798s7df98g.js
Download: download sample
Signature AgentTesla
Create hunting rule
File size:4'279'762 bytes
First seen:2026-03-02 10:57:06 UTC
Last seen:Never
File type:Java Script (JS) js
MIME type:text/plain
ssdeep 98304:7rbCiR9BNflz0xIpiqrQuaDEWhUW3dIwTPojeycAavX9RzsqAnA2fB5EbsiJnpkQ:7n9RPIxba9aDEWhUW32wToS2avgqr2p8
Threatray 126 similar samples on MalwareBazaar
TLSH T1A2163B44FD48B6A92F23CE363BB471D186C2645B7D4A8582F02B9EB1BF63185ED20D35
Magika javascript
Reporter JAMESWT_WT
Tags:192-3-176-231 AgentTesla bot8747049877 js

Intelligence

File Origin
# of uploads :
1
# of downloads :
353
Origin country :
IT IT
Vendor Threat Intelligence
No detections
Detection(s):
Sanesecurity.Malware.31320.UNOFFICIAL
Create hunting rule

SecuriteInfo.com.PUA.JS.Obfus-2525.UNOFFICIAL
Create hunting rule

Verdict:
Malicious
Score:
81.4%
Link:
https://cyber-fortress.com/docs/result/index.php?id=69a56d1a002d37d5c982a55d
Tags:
vmdetect lien
Verdict:
Malicious
Threat level:
  10/10
Confidence:
100%
Tags:
aes agenttesla anti-vm anti-vm base64 base64 crypto evasive evasive fingerprint hacktool infostealer obfuscated obfuscated powershell reconnaissance repaired windows
Link:
https://www.filescan.io/uploads/69a56d0d10e80629d4f865d2/reports/3136f3e6-0bc3-40db-a321-9afebc0a6b29/overview
Verdict:
Suspicious
Labled as:
JS/Agent.DLR
Link:
https://www.hybrid-analysis.com/sample/3dd33674755654a3dc5e182bc04bd1d4bc96cdeec6c1a201819b113e98922b58
Verdict:
Malicious
File Type:
js
Detections:
HEUR:Trojan.PowerShell.Tesre.sb HEUR:Trojan.Script.Generic Trojan-Downloader.JS.SLoad.sb Trojan.JS.SAgent.sb PDM:Trojan.Win32.Generic
Link:
https://opentip.kaspersky.com/3dd33674755654a3dc5e182bc04bd1d4bc96cdeec6c1a201819b113e98922b58/results?tab=lookup
Score:
97%
Verdict:
Malware
File Type:
SCRIPT
Link:
https://malprob.io/report/3dd33674755654a3dc5e182bc04bd1d4bc96cdeec6c1a201819b113e98922b58
Gathering data
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/3dd33674755654a3dc5e182bc04bd1d4bc96cdeec6c1a201819b113e98922b58/
Verdict:
Malicious
Threat:
Trojan.Script
Link:
https://tip.neiki.dev/file/3dd33674755654a3dc5e182bc04bd1d4bc96cdeec6c1a201819b113e98922b58
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=hxjtm5dvkzkkhxc6dav4as6r2s6jntpoy3a2eambtmit5gesfnma._file
Verdict:
malicious
Label(s):
agenttesla
Create hunting rule
Similar samples:
0daa3fc7e8c657b4e98fbd3be6b56c2c8950224945c5d0d3c10c2e4967637dce
AgentTesla
36c01710f8ff21e4e5a5e72373c419d3fadd9f22de8d7e78b1502e03a42bdd4e
AgentTesla
4235c4b9a9b9da916671b5efcd96a137de5a20e203aebfb78feb11d2bf03069e
AgentTesla
49adb2ba0f7b69d65978419b690af6ddca5d176cb143e24860decf5d41f4dedf
AgentTesla
4e6d500ed54ad0ae55137aed25539c0939c541c72677239536448657bd201321
AgentTesla
56a6556d5871d306f66964f17e45e08e2c8f46c86d06214173af069fec4beab0
AgentTesla
99c6f209e4e4adf3502472112f7172ede1a5dbf829c59d593449605ca2698d49
AgentTesla
9eee104aa1ddc7ab9a4a2e1a9f6020bd01d0f19bfcbeddbae332b1f9b4439c64
AgentTesla
bc4a510046a3fe5f115e3087cb40fd0789f0f0cec4eef02d9c0e6d4930753ed7
AgentTesla
cf098f81d68387d3491794c4f87c2812f5c0af3c5e7262cf90b40882975c930c
AgentTesla
error
AgentTesla
+ 116 additional samples on MalwareBazaar
Result
Malware family:
agenttesla
Create hunting rule
Score:
  10/10
Tags:
family:agenttesla execution keylogger spyware stealer trojan
Link:
https://tria.ge/reports/260302-m2dg8sdt6d/
Behaviour
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Command and Scripting Interpreter: JavaScript
Enumerates physical storage devices
Command and Scripting Interpreter: PowerShell
Checks computer location settings
AgentTesla
Agenttesla family
Malware Config
C2 Extraction:
https://api.telegram.org/bot8674746114:AAGKEZyhp-pD06UOU-aY_Rb9gZmwqPKzNbg/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/3dd33674755654a3dc5e182bc04bd1d4bc96cdeec6c1a201819b113e98922b58

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

AgentTesla

Java Script (JS) js 3dd33674755654a3dc5e182bc04bd1d4bc96cdeec6c1a201819b113e98922b58

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3788554/
  
Delivery method
Distributed via web download

Comments