MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 daab30258ecd26e8a01ade68549f00a8022450c61cc9d7453f43e658d2058b57. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Matiex


Vendor detections: 3



SHA256 hash: daab30258ecd26e8a01ade68549f00a8022450c61cc9d7453f43e658d2058b57
SHA3-384 hash: a2a19931ec69f82b28e6ee27275cd8211e99c46d8b333d443c540d4f64bbb28e36d9a5b99e498460afcea77a656b3b92
SHA1 hash: 1b1faccae5269e62e9e6e6c73aad9774882d19da
MD5 hash: ffa8362f4483ef44c726371f6a7cf8f5
humanhash: utah-kansas-winter-sixteen
File name: tt0987.rar
Signature: Matiex
File size: 435'287 bytes
First seen: 2020-10-25 17:19:59 UTC
Last seen: Never
File type: rar
MIME type: application/x-rar
ssdeep: 12288:c+VJc0TlOzCfdT1n3oQbv6OBJwT44A6cLs:DbcUlOzaT1nJbv6OJw04+s
TLSH: ED94236DA85F3D3C34A7D395155EF738686C44AF9E45BD80B004EAED4E033C632A909D
Reporter: abuse_ch
Tags: Matiex rar


abuse_ch
Malspam distributing Matiex:

HELO: emgroup-my.com
Sending IP: 202.75.52.170
From: admin@emgroup-my.com <admin@emgroup-my.com>
Reply-To: admin@emgroup-my.com
Subject: DOCUMENTS
Attachment: tt0987.rar (contains "tt0987.exe")

Intelligence


File Origin
# of uploads: 1
# of downloads: 66
Origin country: n/a

Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.AgentTesla
Status: Malicious
First seen: 2020-10-25 10:27:27 UTC
AV detection: 14 of 29 (48.28%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

Matiex

rar daab30258ecd26e8a01ade68549f00a8022450c61cc9d7453f43e658d2058b57 (this sample)

Dropping: Matiex
Delivery method: Distributed via e-mail attachment
