Extracted

• • Target

    b50565bf09e5dacbab8707a725376464874b24e86f38e977c4a45de1049c9c62

  • Size

    12KB

  • MD5

    993da48540a2412e8db984b790944f34

  • SHA1

    f4c946466fd439ebedd8c045909674e76f765f29

  • SHA256

    b50565bf09e5dacbab8707a725376464874b24e86f38e977c4a45de1049c9c62

  • SHA512

    8788077de9a8fd932e11bb11581ee7b1ee3040b930408f641449f29d271ca1b1769497f1c07148873c1ab3e2eeda652fcafe26eef8f9b2f41c672206b216f1f9

  • SSDEEP

    192:fdQ8+pGrmjALBBhaqFYw55bGTzK5jX92PxcZ:fO8YKmjSxFv5JQzKJX9r

  Score

  10^/10

  agentteslakeyloggerpersistencespywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2