MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 740c5d2f586d4accbf419e6e896c0c23540e7c5c961e61eab3a6ec7b1dba529c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


AgentTesla


Vendor detections: 2


Intelligence 2 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 740c5d2f586d4accbf419e6e896c0c23540e7c5c961e61eab3a6ec7b1dba529c
SHA3-384 hash: b9be2f42e862aeb497b90c11055af7ae59c6545c37727ca126f356d16158266b2053f3ae05cc67307f406c29c5121f12
SHA1 hash: d4779b36f2b4aead69b16b674e126f53021c640a
MD5 hash: 2458cd91461ae41c02712f32437fb2cd
humanhash: river-shade-lima-venus
File name:INCENTIVE AMOUNT TRANSFER.rar
Download: download sample
Signature AgentTesla
Create hunting rule
File size:410'822 bytes
First seen:2020-08-16 14:06:20 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
ssdeep 6144:9UNS3sQlVvUjCC7eJACpuva9bVaUN2NH3qxfF2hseWKv9lkVpRBJZkzbue8wuuZA:9tajCzluv8ZHcQxfF2XxvornTkzCvwud
TLSH 8C9423022C1AA1E352EB46E5D16BC1E6A2DD115F00E58DEA477AEF3B7D3633BD027025
Reporter abuse_ch
Tags:AgentTesla rar


Avatar
abuse_ch
Malspam distributing AgentTesla:

HELO: gmail.com
Sending IP: 81.171.9.143
From: Sherbin Thomas <chomi0605@panpacific.co.kr>
Reply-To: Sherbin Thomas <surnit9041@gmail.com>
Subject: LM Approved Invoices 08/15/20
Attachment: INCENTIVE AMOUNT TRANSFER.rar (contains "INCENTIVE AMOUNT TRANSFER.exe")

Intelligence

File Origin
# of uploads :
1
# of downloads :
81
Origin country :
n/a
Vendor Threat Intelligence
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/740c5d2f586d4accbf419e6e896c0c23540e7c5c961e61eab3a6ec7b1dba529c/
Detection(s):
Malicious file
Link:
https://check.spamhaus.org/check/?searchterm=oqgf2l2ynvfmzp2btzxis3amenka47c4sypgd2vtu3whwhn2kkoa._file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/740c5d2f586d4accbf419e6e896c0c23540e7c5c961e61eab3a6ec7b1dba529c

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 740c5d2f586d4accbf419e6e896c0c23540e7c5c961e61eab3a6ec7b1dba529c

(this sample)

AgentTesla

Executable exe b96e6ac1d0b74e691b13eaddb1f72d792727c0447aaadae0a9c4599c3288d51c

  
Dropping
MD5 e97b4b6cc1bd8e536e1b25135773feae
  
Dropping
AgentTesla
  
Delivery method
Distributed via e-mail attachment
  
Dropping
SHA256 b96e6ac1d0b74e691b13eaddb1f72d792727c0447aaadae0a9c4599c3288d51c

Comments