MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 dd2842db373726c77c085e15402b9811daf264bdf31554692b1dc68420a567c8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 5
| SHA256 hash: | dd2842db373726c77c085e15402b9811daf264bdf31554692b1dc68420a567c8 |
|---|---|
| SHA3-384 hash: | bc6d554d01454c3ec502c7fa3742e21ed13c9298b431a806dfd58513e03e0709c429215b74c8940efe90547982b3bd17 |
| SHA1 hash: | de7622eaf50bddd65efbdfee62ab128a7792cdd9 |
| MD5 hash: | 2b7df3761c760045f4e7bebcd55c6c06 |
| humanhash: | mississippi-texas-colorado-hot |
| File name: | Document.pdf.ace |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 839'024 bytes |
| First seen: | 2021-04-09 03:54:43 UTC |
| Last seen: | 2021-04-09 05:37:48 UTC |
| File type: | ace |
| MIME type: | application/octet-stream |
| ssdeep | 24576:XVXiOgk5JnCJLjoMbq/oGYS5mOGTLgr4l:XVXiy5tCJAMba9PlmErw |
| TLSH | B40523F5124DB30C09EACA6ADA6651A8488E1A10346CEF5C61EB4DF37EF19C4E5370E7 |
| Reporter |  GovCERT_CH |
| Tags: | AgentTesla |
Intelligence
File Origin
# of uploads :
2
# of downloads :
167
Origin country :
n/a
Vendor Threat Intelligence
Result
Verdict:
MALICIOUS
Threat name:
Win32.Infostealer.Fareit
Status:
Malicious
First seen:
2021-04-09 03:53:03 UTC
File Type:
Binary (Archive)
Extracted files:
55
AV detection:
10 of 48 (20.83%)
Threat level:
5/5
Detection(s):
Malicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Dropped by
AgentTesla
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.