MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 b77844c34e0912c044b0ed98429feab162b209496fbd79ea919ec9d3e787675e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



AgentTesla


Vendor detections: 4



SHA256 hash: b77844c34e0912c044b0ed98429feab162b209496fbd79ea919ec9d3e787675e
SHA3-384 hash: 8ce679a81cdd0653b7e02de2865a2d4072d6d3f45d3638c201fce5a4c5bffbdb03c59f10b0f15cd802c8d595d68c8248
SHA1 hash: aff77cf87b64da93f43d038b05cd63d089e3d799
MD5 hash: a638ffef0f01d4bddb5d475f6cb926ee
humanhash: texas-april-speaker-four
File name: Order C0nfirmation.gz
Signature: AgentTesla
File size: 1'084'829 bytes
First seen: 2020-08-19 16:05:51 UTC
Last seen: Never
File type: gz
MIME type: application/gzip
ssdeep: 24576:7CQRn/z2GaZRI/hMcOueDDKyJRUaMiC/w2OSX:me/MZmpMcOF3UoCX
TLSH: 0F3533F409156C6F5F46325064E8F22CAC616474FD3E21EB223699C176B0FE7FB26A42
Reporter: cocaman
Tags: AgentTesla gz


cocaman
Malicious email
From: ML ELINVERNA <info@Kharabwadi.com>
Received: from itrad3r.com (itrad3r.com [78.47.220.153])
Date: Wed, 19 Aug 2020 18:02:34 +0200
Subject: Order Confirmation
Attachment: Order C0nfirmation.gz

Intelligence


File Origin
# of uploads: 1
# of downloads: 78
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Taskun
Status: Malicious
First seen: 2020-08-19 16:07:06 UTC
File Type: Binary (Archive)
Extracted files: 5
AV detection: 21 of 29 (72.41%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

gz b77844c34e0912c044b0ed98429feab162b209496fbd79ea919ec9d3e787675e

(this sample)

  
Delivery method: Distributed via e-mail attachment
