MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8f2734b349066f67b40ca3ddb4a6678e89cc1d0dfc5d90afb20a1dccb1073c8f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



AgentTesla


Vendor detections: 7



SHA256 hash: 8f2734b349066f67b40ca3ddb4a6678e89cc1d0dfc5d90afb20a1dccb1073c8f
SHA3-384 hash: 87064b9909a9308f22d22a39d3996652caa9d3a25dc4c22ba0762b73b31b6fea362da2c18d25132cb08cfe433532ac7a
SHA1 hash: d5ead22a960682b7ee7e0e52cec3d58f14dd302c
MD5 hash: 49f2cd19c112cf3de6e8474be05a5bde
humanhash: item-eleven-snake-juliet
File name: Inquiry-05201569.rar
Signature: AgentTesla
File size: 1'215'245 bytes
First seen: 2026-07-03 17:51:27 UTC
Last seen: 2026-07-03 17:53:15 UTC
File type: rar
MIME type: application/x-rar
ssdeep: 24576:FyWfXoTuGymOQVxi23IGYPHTtyIWKqWlmYZrdiXvrjk3wDgurvd358vGY:7oTwxH23EfTMcqWlm+wXvvk7uzdJ8uY
TLSH: T14045330C075CB1EAD6D8FD0EBA045F9FD6806C35E43240B2275196EFEAE11885DABBC5
TrID: 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
      38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Magika: rar
Reporter: TomU
Tags: AgentTesla rar

Intelligence


File Origin
# of uploads: 3
# of downloads: 27
Origin country: CH
File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name: Inquiry-05201569.JS
File size: 3'642'968 bytes
SHA256 hash: 96e22da4d5c0ea4b0efde0ad3eaa8fdedc60228f84fb3c56899afbb9338da2a1
MD5 hash: efd92efb0321bf811e74717974b14897
MIME type: text/plain
Signature: AgentTesla
Vendor Threat Intelligence
Verdict: Malicious
Score: 94.9%
Tags: spawn lien blic hype

Verdict: Malicious
Threat level: 10/10
Confidence: 100%
Tags: anti-debug dropper evasive obfuscated obfuscated packed repaired

Verdict: Malicious
File Type: rar
First seen: 2026-06-15T08:28:00Z UTC
Last seen: 2026-06-15T08:35:00Z UTC
Hits: ~10

Threat name: Script-JS.Spyware.Negasteal
Status: Malicious
First seen: 2026-07-03 17:56:32 UTC
File Type: Binary (Archive)
Extracted files: 1
AV detection: 13 of 23 (56.52%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

rar 8f2734b349066f67b40ca3ddb4a6678e89cc1d0dfc5d90afb20a1dccb1073c8f

(this sample)

  
Delivery method: Distributed via e-mail attachment
