MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 ea7b8d2f3740597eb0b0491252fcf862fda3ea3f8f09ab8a9f951d46d3883d31. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 2
| SHA256 hash: | ea7b8d2f3740597eb0b0491252fcf862fda3ea3f8f09ab8a9f951d46d3883d31 |
|---|---|
| SHA3-384 hash: | a715d0b0dd6bdb408d7c1e1410da722de4e01d97a256e10de63d593ef85c77b606e6d80cf096b280895f1aa20916e17e |
| SHA1 hash: | 8c92c39ba2d81c0ed1babc14a6f3c89106bb73ef |
| MD5 hash: | 9845ef686091a5ca26e7297883663789 |
| humanhash: | india-kansas-connecticut-apart |
| File name: | 009485764534232_pdf.ace |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 382'939 bytes |
| First seen: | 2020-06-15 05:32:33 UTC |
| Last seen: | 2020-06-15 15:46:42 UTC |
| File type: | ace |
| MIME type: | application/octet-stream |
| ssdeep | 6144:m1oOB0JjPZf3ZRy9ontQJ03v0tGzO+/68OYc6XQI7lv8teKMD4apmmZh+b7CQlYd:aIPx3Py9ontO0faGzE8Ob6XLznmZjYxn |
| TLSH | 808423CB83B0D0C985A5C0BBA45DF09585BEB2B3599BB329D18DED09C51CAD3D73A132 |
| Reporter |  jarumlus |
Intelligence
File Origin
# of uploads :
3
# of downloads :
58
Origin country :
n/a
Vendor Threat Intelligence
Gathering data
Threat name:
ByteCode-MSIL.Spyware.Negasteal
Status:
Malicious
First seen:
2020-06-15 01:27:20 UTC
AV detection:
19 of 31 (61.29%)
Threat level:
2/5
Please note that we are no longer able to provide a coverage score for Virus Total.
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.