MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ee578ce16f8ab5ae9d42b207a665c60c618b4155e5ff47c9a0b8a68686a34151. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



AgentTesla


Vendor detections: 3



SHA256 hash: ee578ce16f8ab5ae9d42b207a665c60c618b4155e5ff47c9a0b8a68686a34151
SHA3-384 hash: 5c776d424d596700f28b49cede2645b49d0cef4f16695abe3351563a826ce7aad5be78d18b5b1decaacad160c4d5054f
SHA1 hash: 280be1a6f8a9229dfcd18c282e44ceb74fdd208e
MD5 hash: 813bacd049ca34c14d13944bbd57e010
humanhash: colorado-india-jig-august
File name: J CALLI INTERNATIONAL SDN BHD RFQ_PDF.gz
Signature: AgentTesla
File size: 382'383 bytes
First seen: 2020-06-15 05:40:31 UTC
Last seen: Never
File type: gz
MIME type: application/x-rar
ssdeep: 6144:ldYdt3MX1At2ldZUZ6rJnE6pP4Miv5lKqDVqMvXOQYvYbU+8KY0+Rdy8oqE:ldYEX6CZUZ6NnE616fDVV2NOR8KY0+qV
TLSH: 9984238E4BE3C3694889F5A48BD9DFF48843D433A5CAD67BAE34F2F5687114A37A4100
Reporter: cocaman
Tags: AgentTesla gz


cocaman
Malicious email
From: "J.Calli International Sdn. Bhd." <sales2@jcalli.com.my>
Received: from globe3email.hostcentral.net (mail.globe3.com [103.53.172.34])
Date: Sun, 14 Jun 2020 21:49:58 +0100
Subject: REQUEST FOR QUOTATION FROM J.CALLI INTERNATIONAL SDN.BHD.
Attachment: J CALLI INTERNATIONAL SDN BHD RFQ_PDF.gz

Intelligence


File Origin
# of uploads: 1
# of downloads: 62
Origin country: n/a
Vendor Threat Intelligence
Threat name: ByteCode-MSIL.Trojan.AgentTesla
Status: Malicious
First seen: 2020-06-15 05:42:09 UTC
File Type: Binary (Archive)
Extracted files: 10
AV detection: 23 of 31 (74.19%)
Threat level: 5/5
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Malspam

AgentTesla

gz ee578ce16f8ab5ae9d42b207a665c60c618b4155e5ff47c9a0b8a68686a34151

(this sample)

  
Delivery method: Distributed via e-mail attachment
Dropping: AgentTesla
