Extracted

• • Target

    Shipping Document_PDF.exe

  • Size

    425KB

  • MD5

    316bc2c2ccf689cbda2c83a33a412b32

  • SHA1

    fc31789f4eb66333997c3edbaf585e48d2c3e390

  • SHA256

    81162d06ef961d95dc677f8f4f9ced55da496844cf5b769191db72cce15a5263

  • SHA512

    e0f755d48f986e46cf143b913b37d373fcfc66d4b834ef0aba1d8a8b5ed76e218ec2b90e2eed05c4ff796c59b0afa3baafd3f35e51c33292b4d144019b54bde8

  • SSDEEP

    6144:N8dj5zpTDFLZFBapa52ju7QAdtkgpmNZEs7a+hI:NmFZDFLZFBN+u79dtkgpmEw5I

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla payload

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2