Extracted

• • Target

    Hesap Hareketleri 11-07-2023pdf.exe

  • Size

    791KB

  • MD5

    22035670a6f0e1f2cad7bf0662a1b5da

  • SHA1

    9bd5756fe2dc423d657b2b62e9b0890b52bf92f6

  • SHA256

    99f63c91997f38c8ae3816303a4849277863aa91f5e0b268d9989ad877e83deb

  • SHA512

    b9737f8d7a3775a0f3f9a78d24fda787b956c56419cc8183f4d6a20ca3cc91672ca9fbc378499b82a34a7d6359b1252653f448eea465e0a93fae44e02cf6808a

  • SSDEEP

    24576:23mDSXlAL7wFRmC6181evMaIO05k2xIKq9yQ:emDS6L7ARmPvf05k2vKyQ

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2