Extracted

• • Target

    PAYMENT SLIP.exe

  • Size

    803KB

  • MD5

    df56781656a194f03072f7039f5a7ea1

  • SHA1

    d48bf6de495b4a0d0525c28eba875473654765f4

  • SHA256

    60a107b83a792df4cafbe67547cf3663ee3e2277572f8778bb78bd226d9188d8

  • SHA512

    641ebae2405c46ccb41e8c2bbdbd89b1bd5206fe40e6cb57de2e44a1749cfd8f332b5697e6d9c18769c322e2d746de08e94e36be9c53f1a9ce3ec53791a100a5

  • SSDEEP

    12288:Aq5iTB2QwUKIpcJMfcVpwGRYaaJwKuA3rChEJxnp:AqmX2+cVpWDJwKx3rvD

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2