Extracted

• • Target

    7e6b0abf06d4060bb722a3d7d4f06f8821f83ab32995ff39ca673449a951f6e9.exe

  • Size

    1024KB

  • MD5

    a55346fa83c52c493449dda9edd8ec25

  • SHA1

    5352b64fa109dea372f68412c0b2d0b2096371db

  • SHA256

    7e6b0abf06d4060bb722a3d7d4f06f8821f83ab32995ff39ca673449a951f6e9

  • SHA512

    fd20b06326b1172dbef6786d45f52c7186d1c32038c6931ee8d47691f017808f5800fb1cc010db7261f15f6e0cc26300fc3a0a351d82219e412c8d9c6063bbf9

  • SSDEEP

    24576:0AHnh+eWsN3skA4RV1Hom2KXMmHasgwqspfLb+GrBC5:Dh+ZkldoPK8Yas/XDv6

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2