MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 82beb4d976d3f446333a3aa853f161b73fe64f9c6a8e8188dfb26d2890d1391d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


SHA256 hash: 82beb4d976d3f446333a3aa853f161b73fe64f9c6a8e8188dfb26d2890d1391d
SHA1 hash: 2b9d30611f9c622116cb9553c474fd90043a19f8
MD5 hash: 22afa33a7fad2a3c14913202c90f8b65
File name: 22afa33a7fad2a3c14913202c90f8b65.exe
Signature: AgentTesla
File size: 451'072 bytes
First seen: 2020-05-23 07:17:57 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: f34d5f2d4577ed6d9ceec516c1f5a744
ssdeep: 12288:nGqfbtEMubHSCQmDaN5yvmtxAye16x1bZXMtPj:nGqfbQHbWNOmtuyeA1MtP
TLSH: 6EA4010926F46B2EC53E47FAC1E4109003B4A1772A23F7995FE6B0CF19BBB608A51757
Reporter: @abuse_ch
Tags: AgentTesla, exe

AgentTesla SMTP exfil server:


Mail intelligence: No data
# of uploads: 1
# of downloads: 25
Origin country: US
VirusTotal results: 34.25%

Yara Signatures

Rule name: Agenttesla_type2
Author: JPCERT/CC Incident Response Group
Description: detect Agenttesla in memory
Reference: internal research

Rule name: CAP_HookExKeylogger
Author: Brian C. Bell -- @biebsmalwareguy

Rule name: win_agent_tesla_w1
Description: Detect Agent Tesla based on common .NET code sequences

File information

The table below shows additional information about this malware sample such as delivery method and external references.