MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 66767dd51c76da426f7a3c1a973127c10cba0221d6a68bf79712949a9cc9816b. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 66767dd51c76da426f7a3c1a973127c10cba0221d6a68bf79712949a9cc9816b
SHA3-384 hash: ce8f00d0e28447d9a44369dead96f70c336332ff9920c9245130b39d0775fde0a44f77104e18989e7339bb0d65d3c60b
SHA1 hash: 17c716f2d0503ae96e90488975356a56b0ff1671
MD5 hash: f6d5171db6ffce88d3bf4d8f940754d4
humanhash: florida-kitten-network-don
File name:Liquidación por Factorización de Créditos.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:499'526 bytes
First seen:2020-10-28 08:50:09 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 12288:AWhJ9F4l76I0lc327hi+BNEokDlDFTgpS8c9VPUYpsM:AoHFq6Hlowhi+BNE1D5FTgpTcvPUYpj
TLSH 63B42335ED2AFE12C070BE161ED37354EBB2806C9D2532A335E192B85B2692C4D1E737
Reporter abuse_ch
Tags:AgentTesla BBVA ESP geo rar


Avatar
abuse_ch
Malspam distributing unidentified malware:

HELO: srvc229.trwww.com
Sending IP: 109.232.216.229
From: Confirmingbbva@bbva.com
Subject: BBVA-Confirming Liquidación por Factorización de Créditos
Attachment: Liquidación por Factorización de Créditos.rar (contains "Liquidación por Factorización de Créditos.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
94
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/66767dd51c76da426f7a3c1a973127c10cba0221d6a68bf79712949a9cc9816b/
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=mz3h3vi4o3nee332hqnjomjhyegluarb22tix54xckkjvhgjqfvq._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 66767dd51c76da426f7a3c1a973127c10cba0221d6a68bf79712949a9cc9816b

(this sample)

AgentTesla

Executable exe 9ed0920d31401084899b407ed67c557d2e59bb68d0cf6a20492ba5d005439121

  
Dropping
MD5 3454e6b7c265666b6b8e59939caf09d9
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 9ed0920d31401084899b407ed67c557d2e59bb68d0cf6a20492ba5d005439121

Comments