MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 4e928ec408bdf1c12454a1d4078aeed753b649637918b6e487980ee8c66b1981. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Loki
Vendor detections: 4
| SHA256 hash: | 4e928ec408bdf1c12454a1d4078aeed753b649637918b6e487980ee8c66b1981 |
|---|---|
| SHA3-384 hash: | 1def6902c9054473227384d5170d714a260eda83718a51d8d2abbe67dd5665e8be1e19e9491d854a7d2f44dae2833e3f |
| SHA1 hash: | 4b1a5dc0ad7011e31e3a12ed834aa265ee15eabf |
| MD5 hash: | 54e467f221369c466c27747c1969b297 |
| humanhash: | beer-pluto-yankee-social |
| File name: | bank slip TISCOLTD USD 18,557,00-_pdf.gz |
| Download: | download sample |
| Signature | Loki |
| File size: | 404'354 bytes |
| First seen: | 2020-08-03 08:05:41 UTC |
| Last seen: | 2020-08-03 08:13:35 UTC |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 12288:rbROevEbRiKzGeaPixfhppu3aMXmy9yP2kF7sYfDa5:H7vEbDzGea8kxWcyOkju5 |
| TLSH | 1984237834D4A2730DA38F2D9769AC39A8FB0C2F7179C5EE19D92278D11267092C9CDD |
| Reporter |  jarumlus |
| Tags: | Loki |
Intelligence
File Origin
# of uploads :
2
# of downloads :
66
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Status:
Malicious
First seen:
2020-08-03 02:57:43 UTC
AV detection:
20 of 48 (41.67%)
Threat level:
5/5
Detection(s):
Malicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Limitail
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Dropped by
Loki
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.