Extracted

• • Target

    myori.jpg

  • Size

    738KB

  • MD5

    05910b6dcc01b7a2e43daf6f02e92b86

  • SHA1

    9e5caa06c5f351576b126d5bf9270a2fe2a3eabf

  • SHA256

    1bd16b971407f4aeb31f7eb8392b2299b22cc8e1778a8c770e7ac4c0150681e8

  • SHA512

    ffaf1bddb36123d230a605a1adf7028765219966105cc4cef01712bb049a72d7d003d1994ac5f631240bdb6a92130836e9cf3479e401917953abb25be9ec2341

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla Payload

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spyware

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spyware

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2