Extracted

• • Target

    Details as attached in this mail.js

  • Size

    533KB

  • MD5

    e56d45345f69801c026b1b5a2c18c144

  • SHA1

    938da170ed6fc5a448e7efe1565f89dd7344727b

  • SHA256

    d6e343379fbeab439d35deeee1ef8d476118efa90b415b29b025106c575d3b4f

  • SHA512

    28ba43fcecbda8dcd42aae9ad973d204d6b6b7da948d35552176a834988a387eb833eb6a7a7b6ca35d6d715fa137cef98d3b0f3b51e187c6ffa21441db0b9e49

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla Payload

  • Executes dropped EXE

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2