MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 adaec536579d4cd69f9729137da49811c3cb6a03c73ee4a2ca755ff42aab49af. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



AgentTesla


Vendor detections: 2



SHA256 hash: adaec536579d4cd69f9729137da49811c3cb6a03c73ee4a2ca755ff42aab49af
SHA3-384 hash: 72387941002401c69d102e9d7a277df7efba81f5396bc00c81e7de92cffd294953d996b52973903eedfb9d3691da5e85
SHA1 hash: c5e128853d049c57241ae018e755db2696fcdf8d
MD5 hash: ffa00717a9e34d10dc3fe996fe685f01
humanhash: nuts-illinois-thirteen-kitten
File name: order87y9708768787h.zip
Signature: AgentTesla
File size: 258'275 bytes
First seen: 2020-10-28 15:16:40 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 6144:9z3AN5zFVKjLWnkndYQMhwluCXOh3OerV9Tqj7Fy4DNvwwr+CC3A:9rAN5zFCCnkndLMhwluMOh3OepobDLAA
TLSH: A8442360647FFB3BE90BC8A6CF713E0D12A51C3249AF6B647874D42A72C27F91079594
Reporter: abuse_ch
Tags: AgentTesla zip


abuse_ch
Malspam distributing AgentTesla:

HELO: hypemc.org
Sending IP: 185.236.231.206
From: Zlata <support@hypemc.org>
Subject: PO# 564578697887 deliver before 20th november
Attachment: order87y9708768787h.zip (contains "order87y9708768787h.exe")

AgentTesla SMTP exfil server:
mail.fetichalga.com:587

Intelligence


File Origin
# of uploads: 1
# of downloads: 85
Origin country: n/a
Vendor Threat Intelligence
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

zip adaec536579d4cd69f9729137da49811c3cb6a03c73ee4a2ca755ff42aab49af (this sample)
Dropping: AgentTesla
Delivery method: Distributed via e-mail attachment
