General

  • Target

    ea0e0dd2d22f1bd79f1f9edf64a8f13bef9f2568137743442ec299558f91e638

  • Size

    647KB

  • Sample

    221212-d7fp4sac52

  • MD5

    eeecd3411de4462a4aa667fe195ae1de

  • SHA1

    2dc524426b08ab3806f0213c85162f8a33ebddd4

  • SHA256

    b22e0c2e845f23929478913459e24c0e98976bee281c440cbac20a458396b7df

  • SHA512

    ff32827dafe25f4128a37cac79e1aeb0cc0a61a6dc346f6568d95c958d7a22c7887902726ee40fa708fdbe0447f7bf95676365458d2fe12056baa7415260929f

  • SSDEEP

    12288:MYKpBrBCxjLyxHlM0UsU50vxGNwPO9l9kyafJlrhFpSOOAzv2awR5QW8muv:MoxvyxHlesU50xGlkyafJlFzAAb2VrQh

Malware Config

Extracted

Family

agenttesla

Credentials

Targets

    • Target

      ea0e0dd2d22f1bd79f1f9edf64a8f13bef9f2568137743442ec299558f91e638

    • Size

      647KB

    • MD5

      eeecd3411de4462a4aa667fe195ae1de

    • SHA1

      2dc524426b08ab3806f0213c85162f8a33ebddd4

    • SHA256

      b22e0c2e845f23929478913459e24c0e98976bee281c440cbac20a458396b7df

    • SHA512

      ff32827dafe25f4128a37cac79e1aeb0cc0a61a6dc346f6568d95c958d7a22c7887902726ee40fa708fdbe0447f7bf95676365458d2fe12056baa7415260929f

    • SSDEEP

      12288:MYKpBrBCxjLyxHlM0UsU50vxGNwPO9l9kyafJlrhFpSOOAzv2awR5QW8muv:MoxvyxHlesU50xGlkyafJlFzAAb2VrQh

    • Score

      1/10

    • Target

      ea0e0dd2d22f1bd79f1f9edf64a8f13bef9f2568137743442ec299558f91e638

    • Size

      940KB

    • MD5

      bb696e1674b7524bdac49fdebd92369b

    • SHA1

      1b775e33b06b50a8ea50e80e4a272e8535606f47

    • SHA256

      ea0e0dd2d22f1bd79f1f9edf64a8f13bef9f2568137743442ec299558f91e638

    • SHA512

      eac33cc0ceec8d859df751d48c80bc66f35c0f93a1f717ecdf2ad9b3b3764f0dc3a28f5ce4586ebefc961ce918edf3078b293d994dd031152441a437c7f15a3b

    • SSDEEP

      12288:9gg+Qny1FfW399JAo66pFL295TLbINcPOjltkyafPl9hFpiOOOzv2awd5QWm+upe:3b99JL66pFkKzkyafPlTzQOb2VPQh+

    • AgentTesla

      Agent Tesla is a .NET-based remote access tool (RAT) and information stealer, originally written in Visual Basic .NET. The behaviours listed below are the credential-harvesting and process-injection activity this sandbox observed for the 940KB file.

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook profiles

      Outlook keeps per-profile account settings, including stored mail credentials, under the user's registry hive, which infostealers read directly.

    • Suspicious use of SetThreadContext

      SetThreadContext is used to redirect the main thread of a suspended process to injected code, the usual final step of process hollowing.
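The signatures above describe two things a sandbox matches on: file and registry paths that belong to FTP clients, mail clients, browsers and Outlook, and an API call chain that ends in SetThreadContext. The script below is an added example, not the report's or the sandbox's own code, that reproduces that matching over a constructed event log. The event format (dicts with `api`, `pid`, `path` and `flags` keys), the artefact path list and the hollowing call sequence are assumptions chosen for illustration, not something the report states; the path list is deliberately short and the sample events are invented.

```python
"""Toy re-implementation of the infostealer / SetThreadContext signatures
from the report. Added example; the event schema and path patterns below
are assumptions, not the sandbox's own rules."""
import fnmatch
from collections import defaultdict

# Case-insensitive glob patterns over lowercased Windows paths / registry keys.
# Constructed, non-exhaustive list of artefacts the report's signatures name.
ARTEFACT_PATTERNS = {
    "Reads data files stored by FTP clients": [
        "*\\filezilla\\recentservers.xml",
        "*\\filezilla\\sitemanager.xml",
    ],
    "Reads user/profile data of local email clients": [
        "*\\thunderbird\\profiles.ini",
        "*\\thunderbird\\profiles\\*\\logins.json",
    ],
    "Reads user/profile data of web browsers": [
        "*\\google\\chrome\\user data\\*\\login data",
        "*\\mozilla\\firefox\\profiles\\*\\logins.json",
    ],
    "Accesses Microsoft Outlook profiles": [
        "hkcu\\software\\microsoft\\office\\*\\outlook\\profiles\\*",
    ],
}

# Process-hollowing chain: create a suspended child, overwrite its memory,
# replace the main thread's context, resume it.
HOLLOWING_SEQUENCE = ["CreateProcess", "WriteProcessMemory",
                      "SetThreadContext", "ResumeThread"]

# Constructed sample log; not taken from the report.
SAMPLE_EVENTS = [
    {"api": "CreateProcess", "pid": 100, "path": "C:\\path\\to\\host.exe",
     "flags": "CREATE_SUSPENDED"},
    {"api": "WriteProcessMemory", "pid": 100, "path": ""},
    {"api": "SetThreadContext", "pid": 100, "path": ""},
    {"api": "ResumeThread", "pid": 100, "path": ""},
    {"api": "NtCreateFile", "pid": 200,
     "path": "C:\\Users\\victim\\AppData\\Roaming\\FileZilla\\recentservers.xml"},
    {"api": "NtCreateFile", "pid": 200,
     "path": "C:\\Users\\victim\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"},
    {"api": "NtCreateFile", "pid": 200,
     "path": "C:\\Users\\victim\\AppData\\Roaming\\Thunderbird\\profiles.ini"},
    {"api": "RegOpenKey", "pid": 200,
     "path": "HKCU\\Software\\Microsoft\\Office\\16.0\\Outlook\\Profiles\\Outlook"},
    {"api": "NtCreateFile", "pid": 200,
     "path": "C:\\Users\\victim\\Documents\\notes.txt"},
]


def match_artefacts(events):
    """Map each artefact signature to the sorted paths that triggered it."""
    hits = defaultdict(set)
    for ev in events:
        path = ev.get("path", "")
        if not path:
            continue
        low = path.lower()
        for sig, patterns in ARTEFACT_PATTERNS.items():
            if any(fnmatch.fnmatchcase(low, p) for p in patterns):
                hits[sig].add(path)
    return {sig: sorted(paths) for sig, paths in hits.items()}


def find_hollowing(events):
    """True if any pid issues HOLLOWING_SEQUENCE in order, starting from a
    CreateProcess that carries CREATE_SUSPENDED."""
    progress = defaultdict(int)  # pid -> index of next expected API
    for ev in events:
        pid = ev["pid"]
        expected = HOLLOWING_SEQUENCE[progress[pid]]
        if ev["api"] != expected:
            continue
        if expected == "CreateProcess" and "CREATE_SUSPENDED" not in ev.get("flags", ""):
            continue
        progress[pid] += 1
        if progress[pid] == len(HOLLOWING_SEQUENCE):
            return True
    return False


def triage(events):
    """Return the sorted list of signature names fired by the event log."""
    fired = set(match_artefacts(events))
    if find_hollowing(events):
        fired.add("Suspicious use of SetThreadContext")
    return sorted(fired)


if __name__ == "__main__":
    for sig in triage(SAMPLE_EVENTS):
        print(sig)
```

The ordering check in `find_hollowing` matters: `WriteProcessMemory` and `SetThreadContext` are legitimate debugger APIs, and only the full suspended-create, write, context-swap, resume chain on one child is a hollowing indicator. Likewise, the artefact matcher only reports the specific credential stores, so an ordinary file in the user's Documents folder does not fire.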

MITRE ATT&CK Enterprise v6

Tasks