MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 fb9459763557142c7aa30a783573930e54dc07612d22d19a7fb31aefaad9f4eb. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
Loki
Vendor detections: 4
| SHA256 hash: | fb9459763557142c7aa30a783573930e54dc07612d22d19a7fb31aefaad9f4eb |
|---|---|
| SHA3-384 hash: | 736537684d0245937477e36511718fa8c6e2c1bff70081ad4616f5304bcf3e25adf5f44f492dac3fe4f4f03c172d90d8 |
| SHA1 hash: | cd60247cfd1a3200897f5d698f695fd2cc03dd35 |
| MD5 hash: | b116c96b723c4ec64066b5479ad32cf4 |
| humanhash: | bravo-kentucky-oxygen-golf |
| File name: | Debit Advice_03Nov2020_113803.pdf.gz |
| Download: | download sample |
| Signature | Loki |
| File size: | 282'983 bytes |
| First seen: | 2020-11-03 13:46:54 UTC |
| Last seen: | 2020-11-05 07:54:47 UTC |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 6144:40+MuX7QNPnq8i3EKnh7HpmOtXRSzm91Yb+1hH5:XzHZnnq5JNXRSzmkbAhH5 |
| TLSH | C254234139EB92E071B993FB63A5B6EAB191FF1F550F04E48DFAB8001ED4D0D08B9216 |
| Reporter |  GovCERT_CH |
| Tags: | Loki |
Intelligence
File Origin
# of uploads :
4
# of downloads :
67
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Threat name:
ByteCode-MSIL.Trojan.Ymacco
Status:
Malicious
First seen:
2020-11-03 09:45:09 UTC
AV detection:
22 of 29 (75.86%)
Threat level:
5/5
Detection(s):
Malicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
AgentTesla
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Dropped by
Loki
Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.