Extracted

• • Target

    Fedex AWB.exe

  • Size

    889KB

  • MD5

    91fbac2ad79f0afb7069ea7f0e96d146

  • SHA1

    db6af0c18b3288aaef6a5a3b65fa76354a94d192

  • SHA256

    c9182b0781c72fa1ec123613fda3fd97df12fe39be03238711345d424de3cfc3

  • SHA512

    75ec2426811188323d6c29fff70d1fecd12693472b23ffbbb8d82bc4d9df9af74876affe0396a2e8deb61ffdbc66d22b5203dc1421c6439d9bca4759794ba54e

  • SSDEEP

    24576:SVgSJ8E3TR7P8jRmK3mE8uO8Mw+4UwiZNK6Q:SVgSJ8ESRmJluO8MhoWEB

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojancollection

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla payload

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2