AgentTesla

Agent Tesla is a remote access tool (RAT) written in visual basic.

CoreEntity .NET Packer

A .NET packer called CoreEntity where it has embedded the payload as a BitMap object which is later decrypted.

AgentTesla Payload

rezer0

Detects ReZer0, a packer with multiple versions used in various campaigns.

Disables Task Manager via registry modification

Drops file in Drivers directory