MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ce122155dda106a8535e459e97cc26aeb4d0257a3f0d0cdd91440623748891f7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 3



SHA256 hash: ce122155dda106a8535e459e97cc26aeb4d0257a3f0d0cdd91440623748891f7
SHA3-384 hash: 669dd362db6e904d743c14ec67fc389a4d53e6a9e63aa805720fc9421c60605727f3d260fb484e7f93fc5cedfb71d2a3
SHA1 hash: 9ae398f44c3451c8a266d07eafb2244961b765eb
MD5 hash: a85f5bbfdffd94528a586ad2e427ba3d
humanhash: lion-angel-table-jig
File name: rpt_29336446_20201905161204798.pdf.7z
File size: 487'982 bytes
First seen: 2020-05-20 07:49:10 UTC
Last seen: Never
File type: 7z
MIME type: application/x-rar
ssdeep: 12288:z4AWYqWhby3SQQXDfepsnpJ1BvDhZO4U/JIWB:z4dYhc3SQYXBBlZOX/S0
TLSH: 81A423F284547F2343DDEEBF554246F25A2B94EA848B4EDD28075BDD8BA000988BF751
Reporter: abuse_ch
Tags: 7z


abuse_ch
Malspam distributing unidentified malware:

HELO: mail.websitetestingtoday.best
Sending IP: 79.124.8.124
From: Tom Nosker <tjnoskar@gmail.com>
Subject: Urgent Onahama booking AWP CN12E ex USA - X
Attachment: rpt_29336446_20201905161204798.pdf.7z (contains "rpt_29336446_20201905161204798.pdf.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 81
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.Agensla
Status: Malicious
First seen: 2020-05-20 08:36:55 UTC
File Type: Binary (Archive)
Extracted files: 16
AV detection: 16 of 30 (53.33%)
Threat level: 2/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam
7z ce122155dda106a8535e459e97cc26aeb4d0257a3f0d0cdd91440623748891f7 (this sample)

Delivery method: Distributed via e-mail attachment
