Extracted

• • Target

    7be772fdebc0e7495da4be95b63e4df9

  • Size

    2.6MB

  • MD5

    7be772fdebc0e7495da4be95b63e4df9

  • SHA1

    c07cab690cdd97b55b414443d29a910f204a5920

  • SHA256

    8e50ab015294c9b498b635c7cc69f6c6b07b37cc14a95a7b364f9fdf08d2c85a

  • SHA512

    6af2fd56a0ae5a8efb8dba48a00948d95e7ec8f3e95efbb0b0960d8df7a730cf49d8aa93bbc0aee35a54de21aeb5e358cc0734774409b09cb0eaa74008fe033d

  • SSDEEP

    24576:Fts2kkzjhvOnsOPbPiLmB0xKGHtCqaXPbIl10SCdKNxTXkkmm/k5VFibNijj8Fc4:VUYNRytN1y9LRFtqqAbm/QfSe8j

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojanmicrosoftphishing

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla payload

  • Executes dropped EXE

  • Loads dropped DLL

  • Detected potential entity reuse from brand microsoft.

    phishingmicrosoft
  behavioral1behavioral2