Extracted

• • Target

    9732092 skid fabrication- MTC-NRC-KMC.exe

  • Size

    1015KB

  • MD5

    b3d8677a4bc5a507cdd7614fe99390b2

  • SHA1

    677c75a7542312002b21d28860a5c9eedcdbdf19

  • SHA256

    ca2b636592073072d7d18c90447737b6f2969dcb89c9f0b672b797d63e5a5668

  • SHA512

    2a3af812775eb5dd134e7e129f049205a4a63e750882f6e554bb4e1b3d2fc1a8125e3575a3583c7c1989d3a039bd1757e01085d5bf3d3bfc2fa839d84681fc67

  • SSDEEP

    24576:EAHnh+eWsN3skA4RV1Hom2KXMmHaImXD/Tbs15:Th+ZkldoPK8YaImi

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2