MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c77845f6b361b20a24d3c99ac9b7754c93ed51906c08ef9a04e3bebf68e8d861. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

AgentTesla

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	c77845f6b361b20a24d3c99ac9b7754c93ed51906c08ef9a04e3bebf68e8d861
SHA3-384 hash:	8fd542921610bf7424894b667df76f807b9a1f46a4716cec49a75c8935a24efd2b68cc0143641e3771801a9b3c025c38
SHA1 hash:	4e97f454b34cb1cb941fa45c86c754d9a4b5dc7a
MD5 hash:	d4519f6f46115618af1f300e818bd482
humanhash:	iowa-twenty-pennsylvania-three
File name:	mnb(2).exe
Download:	download sample
Signature	AgentTesla Create hunting rule
File size:	61'952 bytes
First seen:	2020-07-29 08:29:06 UTC
Last seen:	Never
File type:	dll
MIME type:	application/x-dosexec
imphash	dae02f32a21e03ce65412f6e56942daa (123 x YellowCockatoo, 60 x CobaltStrike, 44 x JanelaRAT)
ssdeep	1536:hgtk07N/MnFUfkmEqviMx6nTFT9hbA11nel:hgJUnFUc7qTx6nTFTLA7A
Threatray	1'661 similar samples on MalwareBazaar
TLSH	49533A01338B871AC5681676C5FF212403F9FB826E73EA99BE4C53895E5339B6E01B4C
Reporter	oppimaniac
Tags:	AgentTesla

Intelligence

File Origin

# of uploads :

1

# of downloads :

67

Origin country :

n/a

Vendor Threat Intelligence

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/34645/

Detection(s):

SecuriteInfo.com.Variant.MSILPerseus.226001.29437.31732.UNOFFICIAL

Result

Verdict:

Clean

Maliciousness:

Result

Threat name:

Unknown

Detection:

suspicious

Classification:

evad

Score:

20 / 100

Link:

https://www.joesandbox.com/analysis/402086

Signature

(

)

.

a

b

c

d

E

f

h

i

k

l

m

N

o

p

r

s

T

u

y

Behaviour

Behavior Graph:

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/c77845f6b361b20a24d3c99ac9b7754c93ed51906c08ef9a04e3bebf68e8d861/

Threat name:

Win32.Trojan.Perseus

Status:

Malicious

First seen:

2020-07-27 23:38:51 UTC

AV detection:

15 of 29 (51.72%)

Threat level:

5/5

Verdict:

malicious

Label(s):

agenttesla

Similar samples:

066bdbaf5b5526cc3040573bea83da7a384e0c97df13d50a7cc0716b1dd8e6ac

1aa5b67368a2085918c2494f407d32ae358bfaf7899e7b921d23afb75a760328

87577cf9a668390b93b9fe82794b21cd0579d4b1a7b4f0a4d0b841d03d046daa

8b7410e87d3dae734ce56c38b3d8601f5e79549afd5820da9014e93bbb00bc95

956924c4c488e005c78dc54ea5303ebb69544d21274c0afbce6e81ab0e7b21b7

ace64cbe1ef91a0b14602264fe0de8e3698cb8b901cbd6251b3fd11d87a0bef6

b87295a4b2fb2d2f4df9d502d52e2f50a5e9b3ba9f56b17e252fa0f3022ae6f4

d286b259d2a986d300bffff49e6047c2e48af4d85e6936703e7b167266fdcc63

d509d5b477c690a8aab177f7b76506ff8ff7f5436d736f65dccb2593e6113db6

d9edf42affd4dae1e5c0260eb6095e8ea3f03812e2479820dc6a41183adbe827

+ 1'651 additional samples on MalwareBazaar

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/200729-j67nlc9c56/

Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Cape

Cape

https://www.capesandbox.com/analysis/34645/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample