General

  • Target

    eca0e8b6d6b4791d76996078a.exe

  • Size

    164KB

  • Sample

    230704-q92ftafc8v

  • MD5

    f9f9e4152d05f9484e22f1a588d7d349

  • SHA1

    43b0705c3e4324995188df1f9722ed830c67f21a

  • SHA256

    eca0e8b6d6b4791d76996078a45917d4e96c769a82b521ed2783130063b39a09

  • SHA512

    3212a7040f37fe909d79049cfc17b769cbaeb3cdc0d29e7a39388866a6944fd8143bb153843352b21d424cb4b005e141e91d8577b63f93f68563b50b2a45c463

  • SSDEEP

    3072:mmwqIeWaJVjecyFYK0Ec8fOuyv21D3j0/DQ:RIeZ9ecyFYK647130

Malware Config

Extracted

Family

agenttesla

Credentials

Targets

    • Target

      eca0e8b6d6b4791d76996078a.exe

    • Size

      164KB

    • MD5

      f9f9e4152d05f9484e22f1a588d7d349

    • SHA1

      43b0705c3e4324995188df1f9722ed830c67f21a

    • SHA256

      eca0e8b6d6b4791d76996078a45917d4e96c769a82b521ed2783130063b39a09

    • SHA512

      3212a7040f37fe909d79049cfc17b769cbaeb3cdc0d29e7a39388866a6944fd8143bb153843352b21d424cb4b005e141e91d8577b63f93f68563b50b2a45c463

    • SSDEEP

      3072:mmwqIeWaJVjecyFYK0Ec8fOuyv21D3j0/DQ:RIeZ9ecyFYK647130

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in Visual Basic.

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks