MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3e0894ba08947fd901a29de4cc8795035c754868a1d917860698c00b99c4fa08. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 3e0894ba08947fd901a29de4cc8795035c754868a1d917860698c00b99c4fa08
SHA3-384 hash: 02764939ca6fbf1565971cbc245b7bf04f92716a51f9fe1cc872fe98dcb37a09361d8232097c82d93add4e6e12878b3e
SHA1 hash: e9076788f5d161230c45c1a0954341ce965a6e42
MD5 hash: 50505ce8eaff0301f895ccb1abd490ee
humanhash: carpet-april-timing-wyoming
File name:IAENMAIL-A4-200932-0830-0006460.pdf.gz
Download: download sample
Signature AgentTesla
Create hunting rule
File size:591'684 bytes
First seen:2020-10-27 10:39:16 UTC
Last seen:Never
File type: gz
MIME type:application/x-rar
ssdeep 12288:wiwZx+vUeloAaHt3hESow1s8JPIoZgpUq71tPldG+lQ0ypl9Z4/dgzuN:aSseSAaHb1sYPvc1z7lNyHzgnN
TLSH E5C423EFAB3F0C9A17B0522A39FF347A95A1A1A459C6DC1A23DC246563D0D3408FED61
Reporter abuse_ch
Tags:AgentTesla gz


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: slot0.buneg.com
Sending IP: 37.46.150.105
From: NotificacionesConfirming <notificacionesconfirming@bancsabadell.com>
Subject: BS Confirming: Abono Orden de Pago al Vencimiento.
Attachment: IAENMAIL-A4-200932-0830-0006460.pdf.gz (contains "173874969-041827.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
87
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/3e0894ba08947fd901a29de4cc8795035c754868a1d917860698c00b99c4fa08/
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Create hunting rule
Status:
Malicious
First seen:
2020-10-27 06:00:14 UTC
AV detection:
19 of 29 (65.52%)
Threat level:
  5/5
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=hyejjoqisr75sanctxsmzb4vanohksdiuhmrpbqgtdaaxgoe7iea._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

gz 3e0894ba08947fd901a29de4cc8795035c754868a1d917860698c00b99c4fa08

(this sample)

AgentTesla

Executable exe 5f660b3ade2f06e699063a8ea77f25509dc4ea949bb8b590fefe22d94b70bbed

  
Dropping
MD5 742525c81addaf73ac9a06a2a1d521fa
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 5f660b3ade2f06e699063a8ea77f25509dc4ea949bb8b590fefe22d94b70bbed

Comments