Extracted

• • Target

    6c2052b09a10e09614ed08ccbb06d8a4_JaffaCakes118

  • Size

    662KB

  • MD5

    6c2052b09a10e09614ed08ccbb06d8a4

  • SHA1

    d7feca9660996f58a087de0fb019683089b6de48

  • SHA256

    266aba3c76dc29ae2cdc7340079dcb6e73f2638bbfc6e1df805641edaae68efd

  • SHA512

    aec12fb21021b56dafc7aec8fceeabbdc82da157ecbf8209f07ffbb29f2c561bb68a3db345a993d57ab9de90c415675522c267dfda460f8f89cfcea175e7e01a

  • SSDEEP

    12288:Wcaw5Y2dAkP4gJa55cwvhlyBxWjQi7jD6X3vPnILRq8gmG9L1f2Lxi73AYPVxo:WcayNdAQ4owaMhcWjQqjD6HvvIy1+oMI

  Score

  10^/10

  agentteslacollectionkeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla payload

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2