Extracted

• • Target

    a56b22a39525ddd24a449fca6f955fa6618312e93a0e3bdac810eee9efc4616e.exe

  • Size

    1.2MB

  • MD5

    d4c81c975960b3d1f5ca098bdbd356b3

  • SHA1

    062bee7edbb5e5830505d6d47e8140020a732c45

  • SHA256

    a56b22a39525ddd24a449fca6f955fa6618312e93a0e3bdac810eee9efc4616e

  • SHA512

    ebe7e09794c2e72440c9a71383f5909330ea1ec51aae7fff4e1f26d04c4ac4f4b5631a6f720463fa9a11db8a9f331332ba568cc6a10a401b1ddec10a103a9225

  • SSDEEP

    24576:FqDEvCTbMWu7rQYlBQcBiT6rprG8ajjXeAcvkEFNQw:FTvC/MTQYxsWR7ajjXehrFK

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2