MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 be0db474a814c10a138d93e422cca70330437d23d9c838a0c08471e81bc8ad75. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 2 File information 4 Yara Comments

SHA256 hash: be0db474a814c10a138d93e422cca70330437d23d9c838a0c08471e81bc8ad75
SHA3-384 hash: 8e4c0339dfa7c5ba86813e9631a2a76565e7ae95a6fa36c1bd47e1c41b3fa95b52dee66a3474e27771ee06ca12f8648a
SHA1 hash: 7b0cc826299e8f626ec86a08c32d9bedc17c10a3
MD5 hash: 37c180fadf603fbcd7122e36e11edf6e
humanhash: alpha-oklahoma-one-summer
File name:Payment
Download: download sample
Signature AgentTesla
File size:398'872 bytes
First seen:2020-06-30 13:59:50 UTC
Last seen:Never
File type: zip
MIME type:application/zip
ssdeep 6144:a1Bq+rKeYCkh3+QezYSZ7eTuXxnxXd9Y4qAsBWXXIh0IoiHtpFS1X/Sl0LR1x3:W4duGcyUlzYRAsBWnFeHtfe/SlE1x3
TLSH 848423745DC160F3CD2546E9C3C9E3E8864F051766B8CE599B8F8B218638ECAD02EDA5
Reporter @jarumlus


Mail intelligence
Trap location Impact
Global High
NL Netherlands Low
# of uploads 1
# of downloads 30
Origin country FR FR
ClamAV Sanesecurity.Malware.21237.ZipHeur.UNOFFICIAL
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:ByteCode-MSIL.Trojan.Wacatac
First seen:2020-06-30 10:54:00 UTC
AV detection:21 of 46 (45.65%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
VirusTotal:Virustotal results 15.38%

File information

The table below shows additional information about this malware sample such as delivery method and external references.



zip be0db474a814c10a138d93e422cca70330437d23d9c838a0c08471e81bc8ad75

(this sample)

Dropped by
Delivery method
Distributed via e-mail attachment