Extracted

• • Target

    Shipping Document PL&BL_Draft.exe

  • Size

    90KB

  • MD5

    a5bc14552a650987e7524139f995498d

  • SHA1

    59686f0adb8a4831b39a66f5c386aa2f567a3b77

  • SHA256

    587accd07778853069236081af26d70e7219b9117e76706b630f19ae51d06339

  • SHA512

    53f730b7bbe66f3a3cb1c054170789c575346b90a0ed0397efd355fa4d9dc530f0f7d000c57cc21afc7677a05be7ba30395db9668aa3a930fdbb4472afb5790b

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla Payload

  • Downloads MZ/PE file

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2