Extracted

• • Target

    a64c5f6add1855ffdd225be01a70b4e32f02d27a391d7a5bbf35b44363056244

  • Size

    574KB

  • MD5

    a5d4716593ac8dad32f79f35260381df

  • SHA1

    7992b3bd27a50b0b52304901b1adbd8a812036b4

  • SHA256

    a64c5f6add1855ffdd225be01a70b4e32f02d27a391d7a5bbf35b44363056244

  • SHA512

    74bc0d8f7818df0d4571e0fc72ed6b063a5fddb91621f5241db2fca055dfdecfb0e6e8698eb266d7829eefc126e38ca8b94fa5fbc417da2cbdbb54a6890b0db6

  • SSDEEP

    12288:IYV6MorX7qzuC3QHO9FQVHPF51jgcalHtdzGpG21oBT:nBXu9HGaVHUNdUG5d

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojanupx

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2