Extracted

• • Target

    Shipping Document_PDF.exe

  • Size

    865KB

  • MD5

    5e1c0b9b2db4426d9fe3b72282a0c8fd

  • SHA1

    a176140740c3c343e23747189abaca7890147dba

  • SHA256

    0e7ffc02457986adfdc39077de4541c0b33b5588bf842229ed091b40ce4cc96d

  • SHA512

    ee6ad2b5b4611c0a71a4537880e97bfd3e7cc3becdc1caf98056fcecdba0b68797371f386c2a9337c2d4b04d509855e55875f1a482e16aac2ada48cb17a5d557

  • SSDEEP

    24576:ZPRKiswt9dB7JbLH2B8ec4i1/gSKVe59E/7Y9Cb:xPv7JWLc4iR9gY9C

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla payload

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2