Extracted

• • Target

    SHIPPING DOC.exe

  • Size

    478KB

  • MD5

    d1c1aac83a4eb44e1f5a150b1f9ea01a

  • SHA1

    54972afe738a2255c2f319b3077a6413a812809b

  • SHA256

    50c5c887aece86fb6b2dd1184c183c87082ae8a126d52a7e735449f6be8fb68c

  • SHA512

    19cb24c312e122fb876246b96d76f114c9115441faf139f9b465000948349b8c547c56e973a2aa9c154e0308700adcf51c593543d58a48e28bba5a111eebae38

  • SSDEEP

    6144:0iE2fjXwDnSBb/66RUEdKborY4A3O92KBXRr+tdP1ueDkkaDSL3J3iwjIzL2Ga+c:0asDSpJ6yKb0Y4ZvOQoVL3FjM9sEV

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2