Extracted

• • Target

    696c1cec68428b579bd71cb56cdd28e9e9fd0a03f63584ac3e3783f264717b82

  • Size

    745KB

  • MD5

    1126bd6cf0a46fdf06c3665bc7ada595

  • SHA1

    59df04fdefe242379373940d61bc0205ffc6b1a5

  • SHA256

    696c1cec68428b579bd71cb56cdd28e9e9fd0a03f63584ac3e3783f264717b82

  • SHA512

    0e33d08981fd91ced49bbca434cfac5a964e18c28e8671baa013cd8b79dfd261db58f7a8294666aea2949823be4aebbe7864800fe3355eb0914da9fc1db219d4

  • SSDEEP

    12288:6gsmZ8iqyJM+cCUYoz7Ch7dVS/L2R7NftgDhrIiKRkjxSDVDvVsP0F91jmMMkR:Ti5OfcCUYyG3VS/L21htErIi3j0DJv++

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2