MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 f750528bd1946a07e1544ce433daef06185165b38e32274be878bcdf1118b889. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

AgentTesla

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	f750528bd1946a07e1544ce433daef06185165b38e32274be878bcdf1118b889
SHA3-384 hash:	5ecdc21585132e747368380dcb4109775f0867f92d1c60e71def9d6812fa2449eab07fb6d9b9fd085b0383146e24b3ab
SHA1 hash:	36d7f04d09b05a572c1655babd89c94c6cf2e697
MD5 hash:	e90e4bcf80b5cbaaf9bfbd0573df7a51
humanhash:	green-butter-freddie-snake
File name:	file.zip
Download:	download sample
Signature	AgentTesla Create hunting rule
File size:	1'368'678 bytes
First seen:	2020-05-04 20:23:51 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
ssdeep	24576:uzk/YHXrZVx2gD/JRFiuHpAsiJjUHKlSIsk50Die6Hb9weIHA8pYnKm3+milW9:DYHbbxFFzigAsiJ4GSIT0MHbwJp+B+mT
TLSH	8055338006900B14CC308EECAEF577F4188AD6B7F127A5BC48955BA95DFF5C8C1A7D2A
Reporter	abuse_ch
Tags:	AgentTesla geo TUR zip

abuse_ch

Malspam distributing AgentTesla:

HELO: server.netsiter.com
Sending IP: 176.223.124.73
From: info@nurol.com.tr
Subject: Re:Re FİYAT TEKLİFİ
Attachment: file.zip (contains "file.exe")

AgentTesla SMTP exfil server:
send.one.com:587