MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c1b9977e66c9439e03addc95d4a6fc8b5325cacfdb040d74a973f678d45342ef. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 4



SHA256 hash: c1b9977e66c9439e03addc95d4a6fc8b5325cacfdb040d74a973f678d45342ef
SHA3-384 hash: 534c91d5cb9ddaf90ff2e44359503e42026c27b82ed45e8e4a38e6f0f5b3b760b5a037ab7072a3b78245304ad86d363e
SHA1 hash: 5606e9b983910ea985e36cff82077484b2ccfa7b
MD5 hash: 652bcb6a888de0b19ba5e56cb05a8221
humanhash: twenty-twelve-stream-low
File name: e2aa8d03cacc704881b2ffe07eda4ffb
File size: 1'036'288 bytes
First seen: 2020-11-17 15:48:12 UTC
Last seen: Never
File type: Executable exe
MIME type: application/x-dosexec
imphash: f34d5f2d4577ed6d9ceec516c1f5a744 (48'649 x AgentTesla, 19'452 x Formbook, 12'201 x SnakeKeylogger)
ssdeep: 12288:vgkVwGXmxXkgQIExWIp4IRefKBb8JTtzXjlVnS9Wjy7ABeZ0Ph:M1UWXuezJTtnlVvyEMZWh
TLSH: 9E256A60778C5F8BE52942BA40909818B3FADE03AF27D5187C5D396EC2B1F11F91EE52
Reporter: seifreed

Intelligence


File Origin
# of uploads: 1
# of downloads: 57
Origin country: n/a
Vendor Threat Intelligence
Result
Verdict: Malware
Maliciousness:

Behaviour
Creating a window
Launching a process
Launching cmd.exe command interpreter
Result
Verdict: MALICIOUS
Details
Windows PE Executable
Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.
Threat name: Win32.Trojan.AgentTesla
Status: Malicious
First seen: 2020-11-17 15:55:58 UTC
AV detection: 28 of 48 (58.33%)
Threat level: 5/5
Unpacked files
SHA256 hash: c1b9977e66c9439e03addc95d4a6fc8b5325cacfdb040d74a973f678d45342ef
MD5 hash: 652bcb6a888de0b19ba5e56cb05a8221
SHA1 hash: 5606e9b983910ea985e36cff82077484b2ccfa7b
SHA256 hash: c8671a87d685f2354d96f3cfcad530dfa5f3ec535a0f5ec14940d81fb857813b
MD5 hash: b5358f677850210361f573c7d249c258
SHA1 hash: 215e06e319515d779efa88f7c05b343d6ec3f6a5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

  
Delivery method: Other
