Extracted

• • Target

    DĄBROWSKI_N.24010011792.exe

  • Size

    1.6MB

  • MD5

    6c744e7f58bd987d6603fefb15c14218

  • SHA1

    fbf81d20cac4977119e55b2b605f0df57a5e0a02

  • SHA256

    7fa62d345c56f3f8c6905967534b4fd113568298e8704fe9d9ba0473cadecd9f

  • SHA512

    5487dd5dbf7407ed83a5c4396427111c0293fd2d62cfc1c188ef0ea2f38599066a45ff0c5d87ced0263f6560f996403cccaa02b1895d2ae3a0c33dcf06fd3f13

  • SSDEEP

    12288:BiaEEC3OrANkKSl47g/qq2GUviSEpCXc4ZIW6C4rDGbtDgJssBxkTpPmJQWy+t/R:cZKPg82epjexkGFo5ePwr0V1nA

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2