MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 be78f0732fe89044b8be12b8d752f32e6001c483c60f9c0db7bc34d04b26cd5e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 4
| SHA256 hash: | be78f0732fe89044b8be12b8d752f32e6001c483c60f9c0db7bc34d04b26cd5e |
|---|---|
| SHA3-384 hash: | 0cf90f9a2ee8b728ec44cde6b1777c895116210b8032a4446a61dbc02f839270a5fb0bac8d89996bafdc17f935aeade1 |
| SHA1 hash: | cc869af398453f518de48a0ef892b3ef08b6a50c |
| MD5 hash: | 189748e4741f99bb7387ca43358c88fb |
| humanhash: | green-white-low-bakerloo |
| File name: | AWB # 2205280630.jpg.ace |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 484'184 bytes |
| First seen: | 2021-03-10 08:14:43 UTC |
| Last seen: | 2021-03-11 03:20:38 UTC |
| File type: | ace |
| MIME type: | application/octet-stream |
| ssdeep | 12288:BcYWI3V1kkI0GLQQCzv0WbSUkieAHeWaI/39X5:UI3VNQWMWbSlieexaIFX5 |
| TLSH | 74A423D89E29FC073CDA83680D86C63499E1DBE5718712AD68B395FC8417E1DB1FA40B |
| Reporter |  GovCERT_CH |
| Tags: | AgentTesla |
Intelligence
File Origin
# of uploads :
5
# of downloads :
87
Origin country :
n/a
Vendor Threat Intelligence
Result
Verdict:
MALICIOUS
Gathering data
Threat name:
ByteCode-MSIL.Infostealer.Fareit
Status:
Malicious
First seen:
2021-03-10 03:47:37 UTC
AV detection:
19 of 47 (40.43%)
Threat level:
5/5
Detection(s):
Malicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.10
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Dropped by
AgentTesla
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.