MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 766caebd561507bb81ad3dac6988564ecd946d4c77b23020f3e4e87d04a8fb8f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

AgentTesla

Vendor detections: 2

Intelligence 2 IOCs YARA File information Comments

SHA256 hash:	766caebd561507bb81ad3dac6988564ecd946d4c77b23020f3e4e87d04a8fb8f
SHA3-384 hash:	2ebc0c27bc2e7d2a76c92c54562c8ad90d83a8aa3debd43455a1cd97fb0e1cfa896d5864af4325baa06255bc31e15ac0
SHA1 hash:	5270bb6cc36b520a318bb07ab7d364a69355d78d
MD5 hash:	700b76c4dd35a4fe7033352238f0d368
humanhash:	winner-fillet-pasta-harry
File name:	FGLHKG200671.r00
Download:	download sample
Signature	AgentTesla Create hunting rule
File size:	271'322 bytes
First seen:	2020-10-05 11:50:33 UTC
Last seen:	Never
File type:	r00
MIME type:	application/x-rar
ssdeep	6144:TKHuD6RmdhcIlCUDRjqguC89oEsOZV5ekByANmFwm5uw:f2m33CUDB3EsOZV53yyk
TLSH	E44422522D4C11C31E44DEFC205E558E7FE1C6EBCE6A12BF617B41E3666A8E381B5702
Reporter	abuse_ch
Tags:	AgentTesla geo Halkbank r00 TUR

abuse_ch

Malspam distributing AgentTesla:

HELO: dfl0.504.mulxi.ml
Sending IP: 157.245.42.198
From: Mehmet NAS <Mehmet.NAS@halkbank.com.tr>
Subject: T.HALK BANKASI A.Ş. 01.10.2020 Hesap Ekstresi
Attachment: FGLHKG200671.r00 (contains "FGLHKG200671.exe")