Extracted

• • Target

    NEAS.20659452fc7fd09a2f1f315224a9c08e1ad69c40f0412c47ee16ea4a02fa5fe3.exe

  • Size

    998KB

  • MD5

    af2ed6f886c753e5cfe47b27be56982d

  • SHA1

    d6a58c9821b751fab07604371494f01f32ef3353

  • SHA256

    20659452fc7fd09a2f1f315224a9c08e1ad69c40f0412c47ee16ea4a02fa5fe3

  • SHA512

    89a981aeea6390fe80715971fab5dbf65acfc75772bf2c77e01ea81a66d38089d201e2a2745764a19f04530a04ed542bb204efb39cd610e8268fdb1f3b33d985

  • SSDEEP

    24576:jGY8lFbhTzVsoRgETNXLJzUhIpP4I43Z8QxOBya/p55z:CYAtsoRNNtzjd4IkZ5Eyaxz

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2