Extracted

• • Target

    b8c49ec19f52572234a367f390de4ca8a5dc406c7cc9f0d0d6f03132ee5261ad

  • Size

    237KB

  • MD5

    b0faf04e71ac66d96aeefe539ae48e55

  • SHA1

    8cb7f9267524e3cf021b7145b7f1cb07c60b4ff4

  • SHA256

    b8c49ec19f52572234a367f390de4ca8a5dc406c7cc9f0d0d6f03132ee5261ad

  • SHA512

    c0fa14723d5f70f2dd0921bc3eb6965d6bf87e1203eab2498045fc36fd9ee9a4fc015f3b5c83ab5576d4539089f6cd1bbf615ed3cb5106725c236877ef0c7102

  • SSDEEP

    3072:XJpZhKeueuuQBmIRpdnOqpRpsYFIm36eKeq5nahTRrqlDC:XhhKeueuuQBmepdnOeNCZeFhTN

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Legitimate hosting services abused for malware hosting/C2

  behavioral1behavioral2