Extracted

• • Target

    hDL4BS7 Documents.exe

  • Size

    1.1MB

  • MD5

    302b98e7137292ea2007c530ef223187

  • SHA1

    9c1a887cd2aa930f7217b161086b5e9954e76cf0

  • SHA256

    d49937e0591260a3ac4786590742570bbdf561425889822c1ee564a2b8fff67b

  • SHA512

    3c7628a0cceefeedbb6feaadbfb1579faa86de7b8a9a74fb6b08ebbac6dd80016c6e2276aa32e4aa217a83ad797cfe787d82722cb53af694699d90470d0dc619

  Score

  10^/10

  agentteslacollectionkeyloggerpersistencespywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla Payload

  • Accesses Microsoft Outlook profiles

    collection

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2