MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b5c4747d9d0259bd984a9d795eb779b0e3d97ee737d929ece008622c9b83e29d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



SHA256 hash: b5c4747d9d0259bd984a9d795eb779b0e3d97ee737d929ece008622c9b83e29d
SHA1 hash: 3bd24b3929025c63f441883bf28daeffcc21d9e1
MD5 hash: 56f39d793cd1798d69f44ca644dd9d2f
File name: SamplesSpecification0908999.zip
Signature: AgentTesla
File size: 396'437 bytes
First seen: 2020-05-23 11:58:16 UTC
Last seen: Never
File type: zip
MIME type: application/zip
ssdeep: 6144:pUBI0gN0raa2CLon79mtvD0wOP6naMQEiZroR57TsCTEEZ/pwm8Hw:iBIxN0ragcn7AOPQQRw7QC7b8Hw
TLSH: 8684238F880BAB75695FDE183CFB315287956EEC54AD1405C4C84EDB33A22BC1A5C8F9
Reporter: @abuse_ch
Tags: AgentTesla Yahoo zip


Twitter
@abuse_ch
Malspam distributing AgentTesla:

HELO: sonic304-21.consmr.mail.ir2.yahoo.com
Sending IP: 77.238.179.146
From: Farshid Bolghari <aymanattar2006@yahoo.com>
Reply-To: Farshid Bolghari <aymanattar2006@yahoo.com>
Subject: SAMPLES
Attachment: SamplesSpecification0908999.zip (contains "Samples&Specification0908999.bat")

AgentTesla SMTP exfil server:
mail.ejitech.com.ng:587

Intelligence


Mail intelligence
Trap location: Global
Impact: Low
# of uploads: 1
# of downloads: 20
Origin country: US
ClamAV: SecuriteInfo.com.Trojan.Hosts.47613.20169.5803.UNOFFICIAL
VirusTotal results: 19.70%

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam
AgentTesla

zip b5c4747d9d0259bd984a9d795eb779b0e3d97ee737d929ece008622c9b83e29d (this sample)

Dropping: AgentTesla
Delivery method: Distributed via e-mail attachment
