Extracted

Extracted

• • Target

    9aced2be886174e3c7a6fa2f2bd0243f.exe

  • Size

    1.0MB

  • MD5

    9aced2be886174e3c7a6fa2f2bd0243f

  • SHA1

    fedaa06b74907d71b567ff098f4a97258dc73509

  • SHA256

    a6541f542aee46042906a0cddb1ef3e4fdf3cae69a37c8011bb0c4fce27d6693

  • SHA512

    851ee289659d794ed55d777d0653a1f69eb2b2c4f5bb01786ebce19754069a4c638240964c4d91dee1c1c1f7ab80e008a4eb46707881c2a698a3a6ab56c7ae7d

  • SSDEEP

    12288:NMmBV7uikFgsHSEJmITKusnjeFUwG8fyN9gshRzE1ln0zlhKZiFsa3:ZBlubgREJmIzsnjeeR8fP1lnURsI

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2