Extracted

• • Target

    cotización.pdf____________________________.exe

  • Size

    508KB

  • MD5

    9e77f9f188f20ed23a6cdfa187bf4027

  • SHA1

    9ca8d757970f6aaa5b8d67236420baee01200153

  • SHA256

    5b61886f54aca9d9af806028350dc0bb70c8d3dae633700de8f4fae6a8d513fb

  • SHA512

    979e3d677770956405f584f9e7713ef759b8da340307ec1a709f309046313f228b7d6bef947f77c00e8d38ed99b177402ea73202f2480ee7d099dbbc0e36d077

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla Payload

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2