Extracted

• • Target

    b9778cf7d090f3c862267950655acb0608fe16f7d1892fd74e63c4f0f890e8fa

  • Size

    1.0MB

  • MD5

    9d36688a27ffd790190faa7be7a89033

  • SHA1

    52aaf6053e42425a83b102c71ee559e7c049baba

  • SHA256

    b9778cf7d090f3c862267950655acb0608fe16f7d1892fd74e63c4f0f890e8fa

  • SHA512

    f848044036b86a44c3cd0de962cde0cb6da3b050e0cdc3cd0707434a81d3697059994330e10b6d5c2567ccde31dbdb1ac1907a304b7641103087868cb0c69cf2

  • SSDEEP

    24576:vmfmE0bk3oLIK2RjfjKZEZlelmwnFXXZmN:vmfmE0bk3oLIK2Rj4ECmh

  Score

  10^/10

  agentteslakeyloggerpersistencespywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2