Extracted

• • Target

    Abusive Letter (Resdex Database and Job Posting).bat

  • Size

    1006KB

  • MD5

    ee9ec74fbf7fb7ed42103267a77f7d83

  • SHA1

    1aeae07889b0c11c8587472db3ebf4b77ff9d451

  • SHA256

    559de1ddc69375c9e08b178e72fe6dcbf0e999e7b078ee94c016a152b8907937

  • SHA512

    eae98812d446c2963243a4313f94d6c5a1a3fb6ec2d8f8dd742d21f2bd48c1515d6566af8de144741dfb4465f3ea2467a1b3dfcc49e7c4b1d8e0c6749667421e

  • SSDEEP

    24576:l/KZIPLG6VRHiTKZdtOyts5TvPISg7iCbdpH3JrgceWk:oIPKwgGDOIGjqbd5qdT

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Executes dropped EXE

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  behavioral1behavioral2