Extracted

• • Target

    e75faef67e38305f7267a344763668b80d31285d5558c6b4afb2dd5fed8b3ddd

  • Size

    1.0MB

  • MD5

    e0ac2deedaac10bd391343a0bc6de31e

  • SHA1

    c998258356e386efd1c97e6fa001156896d3b2da

  • SHA256

    e75faef67e38305f7267a344763668b80d31285d5558c6b4afb2dd5fed8b3ddd

  • SHA512

    aec963d8535608743f08a4ecef6f31fe66f70b33e32b974fa3f7fe6593e000d00b9a60634c6a10c1bf0bf736806ca6a9aeb681713f39ac5555560098fb2dc907

  • SSDEEP

    24576:TAHnh+eWsN3skA4RV1Hom2KXMmHaWF7pVRQ5:eh+ZkldoPK8YaWZpVE

  Score

  10^/10

  agentteslakeyloggerpersistencespywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2