MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 80cec57aab0dcd1c41196a6c230bbdf0019c08e6ebf2531c0d7b4f95ed1031ea. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 4 Yara Comments

SHA256 hash: 80cec57aab0dcd1c41196a6c230bbdf0019c08e6ebf2531c0d7b4f95ed1031ea
SHA3-384 hash: 50e97e3d4183100b8ae0f3506cdfec78d3e0ef53e52350917c33388bd687c6df31e57462bba472d908fda9e47ce622df
SHA1 hash: f72e3bdbbd070a2042934dfc1d623096034028a2
MD5 hash: c6d08fc27e652eed1362bd4bde557e8c
humanhash: massachusetts-eight-charlie-mike
File name:Specification Details.7z
Download: download sample
Signature AgentTesla
File size:387'915 bytes
First seen:2020-07-01 01:50:32 UTC
Last seen:Never
File type: 7z
MIME type:application/x-rar
ssdeep 6144:xyzdgzlTl2NgyO6U0HAioO69Gbu5RyRjwr3bGnQcqm4Kv+wc4qn:xdz5EWHp0k9Gq5RyCrLGQcDmwc4qn
TLSH DE8423C9D461A71C5B5A9CEEC6BCB6E0A21F883CFF7044A4476600A5E9440A3FF45F9E
Reporter @jarumlus


Mail intelligence
Trap location Impact
CH Switzerland Low
Global High
# of uploads 1
# of downloads 28
Origin country US US
ClamAV No detection
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Androm
First seen:2020-06-30 20:58:11 UTC
AV detection:18 of 30 (60.00%)
Threat level:   2/5
Spamhaus Hash Blocklist :Malicious file
VirusTotal:Virustotal results 32.79%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



7z 80cec57aab0dcd1c41196a6c230bbdf0019c08e6ebf2531c0d7b4f95ed1031ea

(this sample)

Dropped by
Delivery method
Distributed via e-mail attachment