MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9416ab857761a22a9fa58de901553d9fd7cfc03f2e1f8ab15e552540a8283985. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 4 Yara Comments

SHA256 hash: 9416ab857761a22a9fa58de901553d9fd7cfc03f2e1f8ab15e552540a8283985
SHA3-384 hash: 9b178504c17ffdc80a4b9ad69d7adc2175c154fa5e150edca13c41018ca5726c15a6b1c139f582ab5da78a86fd15f440
SHA1 hash: c737e0595d96c1381ee842a7412036db9828befc
MD5 hash: 7017966e5b2875919c72f36d38653d76
humanhash: delta-oscar-victor-gee
File name:Purchase Order - DRR 30-06-2020.iso
Download: download sample
Signature AgentTesla
File size:471'040 bytes
First seen:2020-06-30 17:25:34 UTC
Last seen:Never
File type: iso
MIME type:application/x-iso9660-image
ssdeep 6144:v0Bi2nZjQmD9lEISCq+pFvz/oPabZx9NUqyyHBxiQ5zSdtobnaUB:v0w2nCcQBazis3/HviIscjB
TLSH 8CA4013633699B19D6F9ABF1502224610F72BC076531E20E3D8C74CE1B73B50A695F6B
Reporter @cocaman
Tags:AgentTesla iso

Malicious email
From: Ranida Wongpiya <>
Received: from (unknown [])
Date: 30 Jun 2020 14:39:25 -0700
Subject: RFQ - Purchase Order - DRR 30-06-2020
Attachment: Purchase Order - DRR 30-06-2020.iso


Mail intelligence
Trap location Impact
CH Switzerland Low
Global High
# of uploads 1
# of downloads 31
Origin country US US
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Geniso
First seen:2020-06-30 07:54:23 UTC
AV detection:18 of 48 (37.50%)
Threat level:   2/5
Spamhaus Hash Blocklist :Malicious file
VirusTotal:Virustotal results 28.33%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



iso 9416ab857761a22a9fa58de901553d9fd7cfc03f2e1f8ab15e552540a8283985

(this sample)

Delivery method
Distributed via e-mail attachment