MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 47e02352a5b63778999b6edea53f398a93728f6f3614aa317c40804d4ded3828. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 4
| SHA256 hash: | 47e02352a5b63778999b6edea53f398a93728f6f3614aa317c40804d4ded3828 |
|---|---|
| SHA3-384 hash: | 93e32d3ef1e1074d8ea7f8d2bc720aaac4f12c12aa78dd4b8262746cb3c7d49034d6e2526c4986bbdef9c845392b511b |
| SHA1 hash: | a7d6611d28f2d763b95f709704533ed2de2a97f5 |
| MD5 hash: | 08424bfbe05c5c5f632ef49b6e35befb |
| humanhash: | mike-nine-red-failed |
| File name: | Paketdetails.tgz |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 1'764'084 bytes |
| First seen: | 2020-12-07 06:26:23 UTC |
| Last seen: | Never |
| File type: | |
| MIME type: | application/gzip |
| ssdeep | 49152:FwuGjHz207p8DPfuLYlsaRHdyXE3etvd+N/Mfv+K:a3H2+CLfflsuZr/+D |
| TLSH | 4A85336AD267D31E908FB825B2FEDE818584EEC501AF77591ED6A125B343C73237068C |
| Reporter |  cocaman |
| Tags: | tgz |
Intelligence
File Origin
# of uploads :
1
# of downloads :
158
Origin country :
n/a
Vendor Threat Intelligence
Result
Verdict:
SUSPICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name:
ByteCode-MSIL.Trojan.Taskun
Status:
Malicious
First seen:
2020-12-07 06:29:14 UTC
File Type:
Binary (Archive)
Extracted files:
8
AV detection:
14 of 29 (48.28%)
Threat level:
5/5
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Eldorado
Score:
0.90
File information
The table below shows additional information about this malware sample such as delivery method and external references.
exe Delivery method
Distributed via e-mail link
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.