MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 b64a4a21b0bf2aea92c6bd3c908c4208e6a3ef41e52fb720e59302ff44538c93. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 2
| SHA256 hash: | b64a4a21b0bf2aea92c6bd3c908c4208e6a3ef41e52fb720e59302ff44538c93 |
|---|---|
| SHA3-384 hash: | 3c50f5462b2014543095b7d3f0c13f32f99dfbbf7bef1e4425fb80e4cc4eb9a3292d42863e8bb36c7b425233ee7dce25 |
| SHA1 hash: | b51b664587e75b5607caf0e9ba6169bdaf196f66 |
| MD5 hash: | d6bea5d57f06b9d5497a87fa4ddafc66 |
| humanhash: | hamper-march-queen-march |
| File name: | Payee advise Updated value date due to COVID-19 Lockdown.cab |
| Signature | AgentTesla |
| File size: | 411'546 bytes |
| First seen: | 2020-04-21 05:51:05 UTC |
| Last seen: | Never |
| File type: | cab |
| MIME type: | application/vnd.ms-cab-compressed |
| ssdeep | 12288:JxvM2Knttx4gQy4OT9lJZE1JvhEm8O+wxNSnL4gufY:Jx5Qx/QyDHYPv3NSnLwQ |
| TLSH | 709423E3163F516EA9390DE99FBEA270571707B432E19259B01CE284E79FC31182BB70 |
| Reporter | |
| Tags: | cab |
Intelligence
File Origin
Number of uploads: 1
Number of downloads: 79
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Rdn
Status: Malicious
First seen: 2020-04-20 20:49:44 UTC
File Type: Binary (Archive)
Extracted files: 5
AV detection: 24 of 31 (77.42%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Delivery method: Distributed via e-mail link