MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 4619df28b591cedae63a12015facbf569ac5b77aa98f52ddff61d728822ed992. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Loki
Vendor detections: 5
| SHA256 hash: | 4619df28b591cedae63a12015facbf569ac5b77aa98f52ddff61d728822ed992 |
|---|---|
| SHA3-384 hash: | 1ff9f75fd912fec46af2fb3dad7ddb04634078cab4ddfb032b0fbb45d14842b7ce35d0e3b5ceb1fc9a429744cab0eac1 |
| SHA1 hash: | cc99dd11266105d12f0551d7ef30928fb65a7578 |
| MD5 hash: | 43f814569f738d228a2aab0b4ad44328 |
| humanhash: | neptune-stream-eight-massachusetts |
| File name: | Transac Approval.ace |
| Download: | download sample |
| Signature | Loki |
| File size: | 415'511 bytes |
| First seen: | 2021-02-12 22:09:40 UTC |
| Last seen: | 2021-02-18 01:00:39 UTC |
| File type: | ace |
| MIME type: | application/octet-stream |
| ssdeep | 12288:s3vLpQPVX7uY38TMMe6UbIk7z7NkBpM89:s3tupSYsTMMe6UEkrKBp39 |
| TLSH | 8C9423A8A83868B91AF5B035C6DFC9DE2F1889E3FD155F630D28B14D24F520BD71067A |
| Reporter |  GovCERT_CH |
| Tags: | Loki |
Intelligence
File Origin
# of uploads :
11
# of downloads :
158
Origin country :
n/a
Vendor Threat Intelligence
Result
Verdict:
MALICIOUS
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Status:
Malicious
First seen:
2021-02-12 12:54:39 UTC
AV detection:
15 of 29 (51.72%)
Threat level:
5/5
Detection(s):
Malicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Dropped by
Loki
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.