Extracted

Extracted

• • Target

    9a31156b6d7eb6076d0bb4a2f593fc21be304aa9e559547e2ee4a6232608c35e.exe

  • Size

    739KB

  • MD5

    1e63c9ad686c5f6cf395f6aae426006a

  • SHA1

    fdaf90874200fca372135cbc1d78599e1f38f43a

  • SHA256

    9a31156b6d7eb6076d0bb4a2f593fc21be304aa9e559547e2ee4a6232608c35e

  • SHA512

    d083eb04b543f84805c2479650ba26ec192ff479c022453138d673abbd41f355891cb187e5e547dc424105638473b0219a9d045186c6c0fe71a169ac903ba414

  • SSDEEP

    12288:v7aWNjpkskxRDqaCgqeR5F6HkkoFtjDS5FxbXLKdwrbZi8cKN2YjeqX0qXOZkGKR:v7aWNjpkskxRDqaCgqeR+ofyrbZi9iV/

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2