MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 8f2734b349066f67b40ca3ddb4a6678e89cc1d0dfc5d90afb20a1dccb1073c8f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 7
| SHA256 hash: | 8f2734b349066f67b40ca3ddb4a6678e89cc1d0dfc5d90afb20a1dccb1073c8f |
|---|---|
| SHA3-384 hash: | 87064b9909a9308f22d22a39d3996652caa9d3a25dc4c22ba0762b73b31b6fea362da2c18d25132cb08cfe433532ac7a |
| SHA1 hash: | d5ead22a960682b7ee7e0e52cec3d58f14dd302c |
| MD5 hash: | 49f2cd19c112cf3de6e8474be05a5bde |
| humanhash: | item-eleven-snake-juliet |
| File name: | Inquiry-05201569.rar |
| Signature | AgentTesla |
| File size: | 1'215'245 bytes |
| First seen: | 2026-07-03 17:51:27 UTC |
| Last seen: | 2026-07-03 17:53:15 UTC |
| File type: | rar |
| MIME type: | application/x-rar |
| ssdeep | 24576:FyWfXoTuGymOQVxi23IGYPHTtyIWKqWlmYZrdiXvrjk3wDgurvd358vGY:7oTwxH23EfTMcqWlm+wXvvk7uzdJ8uY |
| TLSH | T14045330C075CB1EAD6D8FD0EBA045F9FD6806C35E43240B2275196EFEAE11885DABBC5 |
| TrID | 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1) 38.4% (.RAR) RAR compressed archive (gen) (5000/1) |
| Magika | rar |
| Reporter | |
| Tags: | AgentTesla rar |
Intelligence
File Origin
# of uploads :
3
# of downloads :
27
Origin country :
CH
File Archive Information
This file archive contains 1 file(s), sorted by their relevance:
| File name: | Inquiry-05201569.JS |
|---|---|
| File size: | 3'642'968 bytes |
| SHA256 hash: | 96e22da4d5c0ea4b0efde0ad3eaa8fdedc60228f84fb3c56899afbb9338da2a1 |
| MD5 hash: | efd92efb0321bf811e74717974b14897 |
| MIME type: | text/plain |
| Signature | AgentTesla |
Vendor Threat Intelligence
Detection(s):
Verdict:
Malicious
Score:
94.9%
Tags:
spawn lien blic hype
Verdict:
Malicious
Threat level:
10/10
Confidence:
100%
Tags:
anti-debug dropper evasive obfuscated obfuscated packed repaired
Verdict:
Malicious
File Type:
rar
First seen:
2026-06-15T08:28:00Z UTC
Last seen:
2026-06-15T08:35:00Z UTC
Hits:
~10
Threat name:
Script-JS.Spyware.Negasteal
Status:
Malicious
First seen:
2026-07-03 17:56:32 UTC
File Type:
Binary (Archive)
Extracted files:
1
AV detection:
13 of 23 (56.52%)
Threat level:
2/5
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
0.70
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
AgentTesla
rar 8f2734b349066f67b40ca3ddb4a6678e89cc1d0dfc5d90afb20a1dccb1073c8f
(this sample)
Delivery method
Distributed via e-mail attachment