MalwareBazaar Database
You are currently viewing the MalwareBazaar entry for SHA256 ff5c02d0b527a1c94ca3312cdd7f902d49f6d44440a697d8f3a1da6f87f02834. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.
Database Entry
AgentTesla
Vendor detections: 4
| SHA256 hash: | ff5c02d0b527a1c94ca3312cdd7f902d49f6d44440a697d8f3a1da6f87f02834 |
|---|---|
| SHA3-384 hash: | 2857a486b10ad58a3458dbbc7ff444a67943881b58284e24576be3e0e0790eb0f298cd4ed42afaa5fa7112aea97ed663 |
| SHA1 hash: | 36e664a476bc44ad4499e324b18a212dc5985275 |
| MD5 hash: | 906d67c66763ed2b1af2f73ba68935ee |
| humanhash: | minnesota-victor-massachusetts-mirror |
| File name: | RFQ-Fn909-20.DOCUment-NEW.hd.zip |
| Download: | download sample |
| Signature | AgentTesla |
| File size: | 471'824 bytes |
| First seen: | 2020-09-10 07:18:48 UTC |
| Last seen: | Never |
| File type: | zip |
| MIME type: | application/zip |
| ssdeep | 12288:SVvn5zh9B/jRKJDxzQEO/RkS/ZGn1qv88NDh6:2n5zPdRKhO/2eZ6q7h6 |
| TLSH | FEA423C1C08DCA6F7D286498733AD74CE023B67562D8897E37E548BC89447946EA7B3C |
| Reporter |  GovCERT_CH |
| Tags: | AgentTesla |
Intelligence
File Origin
# of uploads :
1
# of downloads :
100
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Threat name:
ByteCode-MSIL.Trojan.Perseus
Status:
Malicious
First seen:
2020-09-09 18:35:11 UTC
AV detection:
9 of 48 (18.75%)
Threat level:
5/5
Detection(s):
Malicious file
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Kryptik
Score:
1.00
File information
The table below shows additional information about this malware sample such as delivery method and external references.
Malspam
exe Delivery method
Distributed via e-mail attachment
Comments
Login required
You need to login to in order to write a comment. Login with your abuse.ch account.