MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3fd4b4022876d4bc2975b859eba45c8da201c5daf4c273e35956c31f5befcc1a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

AgentTesla

Vendor detections: 3

SHA256 hash: 3fd4b4022876d4bc2975b859eba45c8da201c5daf4c273e35956c31f5befcc1a
SHA3-384 hash: e094116c3990b9e4a7094fbd4c8550054557dca917b622a05c9930ee8bf379f8664db0991e75b706561c1933e5abef9f
SHA1 hash: c8252388209eb85f0fe14ea3317ca4819f048b78
MD5 hash: eb3ade310e1ac6a89c740d80fd8c7020
humanhash: johnny-cat-bravo-pluto
File name: precio requerido.rar
Signature: AgentTesla
File size: 444'840 bytes
First seen: 2020-11-05 10:01:21 UTC
Last seen: Never
File type: rar
MIME type: application/x-rar
ssdeep: 12288:l3abnIVZxB6bZGsce9gIJpZeqESbiaBwKtdTWw4:l3PZz6LROQpgqT2aB9qd
TLSH: B7942388851587A9CE6959338CC823C941F7D67F2160AAD9CFCFC7DB4F257B06A00E5A
Reporter: abuse_ch
Tags: AgentTesla rar


abuse_ch
Malspam distributing AgentTesla:

HELO: fnadl-03.srv.cat
Sending IP: 46.16.62.168
From: COINALDE, S.COOP <lnfo@coinalde.com>
Subject: Precio requerido
Attachment: precio requerido.rar (contains "s1knUFcCJkJ0hxU.exe")

AgentTesla SMTP exfil server:
mail.soaluga.pt:587
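The indicators in the report above (HELO, sending IP, sender, subject, attachment name, and the listed file hashes) are enough to triage a suspect message at the mail gateway or in an IR mailbox export. The script below is an added example, not code from MalwareBazaar or abuse.ch: it parses an RFC 822 message, matches its Received/From/Subject headers and attachments against the indicators from this entry, checks whether an attachment carries a RAR signature, and compares the attachment digests with the hashes MalwareBazaar lists. The message it builds is constructed for illustration; its "attachment" is a stub that only starts with the RAR4 magic bytes, so it deliberately does not hash to the listed SHA256.

```python
"""Triage a suspected AgentTesla malspam message against MalwareBazaar IOCs.

Added example, not part of the MalwareBazaar entry or abuse.ch tooling.
The sample message built by build_sample_message() is constructed: its
headers reuse the indicators reported for this sample, but the attachment
is a stub (RAR4 magic + padding), so its hashes will not match the entry.
"""
import email
import hashlib
import re
from email import policy
from email.message import EmailMessage

# Indicators copied from this MalwareBazaar entry and the reporter's comment.
IOCS = {
    "helo": "fnadl-03.srv.cat",
    "sending_ip": "46.16.62.168",
    "from_addr": "lnfo@coinalde.com",
    "subject": "precio requerido",
    "attachment": "precio requerido.rar",
    "sha256": "3fd4b4022876d4bc2975b859eba45c8da201c5daf4c273e35956c31f5befcc1a",
}

# Archive signatures: RAR 1.5-4.x and RAR 5.x use different magic sequences.
RAR_MAGIC = {
    b"Rar!\x1a\x07\x00": "rar4",
    b"Rar!\x1a\x07\x01\x00": "rar5",
}

# "from <helo> (<rdns> [<ip>])" as written by most MTAs into Received headers.
RECEIVED_RE = re.compile(r"from\s+(\S+)\s+\(.*?\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def rar_version(data: bytes):
    """Return 'rar4' or 'rar5' when data starts with a RAR signature, else None."""
    for magic, name in RAR_MAGIC.items():
        if data.startswith(magic):
            return name
    return None


def compute_hashes(data: bytes) -> dict:
    """Digests MalwareBazaar lists per sample (ssdeep/TLSH need extra libraries)."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def hashes_match(data: bytes, expected: dict) -> bool:
    """True only if every digest in `expected` matches the data (hex, any case)."""
    actual = compute_hashes(data)
    return all(actual.get(algo) == digest.lower() for algo, digest in expected.items())


def triage_message(raw: bytes) -> dict:
    """Match one raw message against IOCS and return the indicators that hit."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = {}
    for received in msg.get_all("Received", []):
        m = RECEIVED_RE.search(str(received))
        if m:
            helo, ip = m.group(1), m.group(2)
            if helo.lower() == IOCS["helo"]:
                hits["helo"] = helo
            if ip == IOCS["sending_ip"]:
                hits["sending_ip"] = ip
    # policy.default parses From into Address objects; addr_spec ignores the display name.
    for addr in getattr(msg.get("From"), "addresses", ()):
        if addr.addr_spec.lower() == IOCS["from_addr"]:
            hits["from_addr"] = addr.addr_spec
    if str(msg.get("Subject") or "").strip().lower() == IOCS["subject"]:
        hits["subject"] = str(msg["Subject"])
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        if name.lower() == IOCS["attachment"]:
            hits["attachment_name"] = name
        version = rar_version(data)
        if version:
            hits["rar"] = version
        if hashes_match(data, {"sha256": IOCS["sha256"]}):
            hits["sha256"] = IOCS["sha256"]
    return hits


def build_sample_message() -> bytes:
    """Constructed look-alike of the reported malspam (hypothetical recipient/MX)."""
    msg = EmailMessage()
    msg["Received"] = ("from fnadl-03.srv.cat (fnadl-03.srv.cat [46.16.62.168]) "
                       "by mx.example.net with ESMTP; Thu, 5 Nov 2020 10:01:21 +0000")
    msg["From"] = '"COINALDE, S.COOP" <lnfo@coinalde.com>'
    msg["To"] = "victim@example.net"
    msg["Subject"] = "Precio requerido"
    msg.set_content("Adjunto el precio requerido.")
    stub = b"Rar!\x1a\x07\x00" + b"\x00" * 32   # RAR4 signature only; not a real archive
    msg.add_attachment(stub, maintype="application", subtype="x-rar",
                       filename="precio requerido.rar")
    return msg.as_bytes()


if __name__ == "__main__":
    for key, value in sorted(triage_message(build_sample_message()).items()):
        print(f"{key}: {value}")
```

Run against a real export, the header and attachment-name hits tell you the message belongs to this campaign even when the archive has been re-packed (different hashes); a SHA256 hit additionally confirms the exact sample in this entry. The script only recognises the RAR container; listing and extracting the `.exe` inside belongs in a sandbox, not on an analyst workstation.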

Intelligence


File Origin
# of uploads: 1
# of downloads: 87
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.AgentTesla
Status: Malicious
First seen: 2020-11-04 19:21:20 UTC
AV detection: 15 of 29 (51.72%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam
  AgentTesla
    rar 3fd4b4022876d4bc2975b859eba45c8da201c5daf4c273e35956c31f5befcc1a (this sample)
      Dropping AgentTesla

Delivery method: Distributed via e-mail attachment

Comments