Extracted

• • Target

    SecuriteInfo.com.Win64.Evo-gen.29048.30351.exe

  • Size

    476KB

  • MD5

    b5c98662262c45efed63b78c4f41a31a

  • SHA1

    1daab0515696d8898cce69dae28edab48615f276

  • SHA256

    0a83c7e2b213646c2861d33fb49bd12c9fb43f1e19fafbfd618bd4b17a07aabf

  • SHA512

    5e94a92c7106561b34120bc047390128cb5aed58fb3754bfd29507889b6b50992353cd00e5fa7941d666f824908dc59064877389e7911a81a2ca62d554662550

  • SSDEEP

    12288:DaifFPH4m1d29VJWOwXPhn7w9tbt+8eV7:DaidP4s2zoBhnEXbcxV7

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2