MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 7c9d8eb662c655cd9dfc30fcb10e086386193d61f7306fd75637d8eeb8badd45. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 5
| SHA256 hash: | 7c9d8eb662c655cd9dfc30fcb10e086386193d61f7306fd75637d8eeb8badd45 |
|---|---|
| SHA3-384 hash: | 9e9dac719bb964ec6bea596acebb60db14011409a1ea77adc5b6dff5b878024b389efd201e257c8117088c436ab88103 |
| SHA1 hash: | 53f5714e41c3d61677d07cc9d138df20913546be |
| MD5 hash: | f7b2af2fdae8835266c03596a00e32f1 |
| humanhash: | uncle-lima-romeo-sodium |
| File name: | confirm PI#10020210546.img |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 1'638'400 bytes |
| First seen: | 2021-10-08 08:07:28 UTC |
| Last seen: | Never |
| File type: | img |
| MIME type: | application/x-iso9660-image |
| ssdeep | 12288:zzwA0fDyL9pD3n+0SN8AXL0zVmc9zvF2A8k+RL4:4x+L7D3+1N8wL0R1ldX8k88 |
| TLSH | T13C7506002695C701D1B637F5D860CAF093656C55EA29C28B2DF1BEDB79B1B03CE11AAF |
| Reporter | |
| Tags: | AgentTesla img |
cocaman
Malicious email (T1566.001)From: "Nasser (AW WONG LTD) <nasser.h@awwong.com>" (likely spoofed)
Received: "from awwong.com (unknown [185.222.58.155]) "
Date: "7 Oct 2021 20:16:47 +0200"
Subject: "New FCL Order - Order IS01OCT5"
Attachment: "confirm PI#10020210546.img"
Intelligence
File Origin
# of uploads :
1
# of downloads :
172
Origin country :
n/a
Vendor Threat Intelligence
Verdict:
Likely Malicious
Threat level:
7.5/10
Confidence:
100%
Tags:
monero obfuscated packed
Threat name:
ByteCode-MSIL.Trojan.AgentTesla
Status:
Malicious
First seen:
2021-10-08 08:08:08 UTC
File Type:
Binary (Archive)
Extracted files:
35
AV detection:
17 of 28 (60.71%)
Threat level:
5/5
Detection(s):
Suspicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
Delivery method
Distributed via e-mail attachment
Dropping
AgentTesla
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.