Extracted

• • Target

    92c492_e7293c57732f4f278d939202241e0b25.txt

  • Size

    759KB

  • MD5

    b1a471709f6fb58395e9c81a44f94bd7

  • SHA1

    d086a38907fad7926fbb37a65a306e82ed2db6ca

  • SHA256

    e3405e4a0f13850e6ba7b4e924c7ba1e016fa4056059f3f6ea3afb2ff10364d4

  • SHA512

    f603e0ec4e4bd8b94016066e2467db74c4d069761617bb5e358bc0266b02c23e09a325223cb7f4355fe9691412900f9696ede6c2d2857e1be22dcaed468ce6fd

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla Payload

  • Drops file in Drivers directory

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1