Extracted

• • Target

    0540fa5ba6c78d6001e586d360588bfd

  • Size

    474KB

  • MD5

    0540fa5ba6c78d6001e586d360588bfd

  • SHA1

    72a1d34b9eb3721b758bd9ea619877a061bd3783

  • SHA256

    b7964a89e6a2241d174412de89aefa5cea84f723413cdfe5b2ad6aec40e7a54d

  • SHA512

    38aee223015a55a5fe99af3dce002befffd78faed0bc1a3d35135e7675f7f0b2b850d09f4fbe29308a475c9858be45052cb07ca7381303159904cbd3ed5e9642

  • SSDEEP

    12288:dfo25r7EhN5s6XgsMkllOCBJhs0tGwYLnbWtV/aEw2qR5jAuORm:dfo25r7EhN5s6X/xE0inOV/n585E/4

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojancollection

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla payload

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2