Extracted

• • Target

    BL INV PACKING LIST.exe

  • Size

    1004KB

  • MD5

    3100e238c32dbcf516277132d96649b9

  • SHA1

    eac45ea8b56e9b32a10220607f3c9a920eb36019

  • SHA256

    ef32b663609ff4114e7148aa7249fb72a04846de47e17de900f131476b3ffc76

  • SHA512

    35ef99337afaa899a81a7fe7f326dddf1e330fce461c3cb6c46433d0b1a6aeeab74e9bf01484d5bf63ec52417f31cbc8883a0c3cfd7a1c0943197e213c28e8a1

  • SSDEEP

    24576:cAHnh+eWsN3skA4RV1Hom2KXMmHaXtNcw0uQnhv5:7h+ZkldoPK8YaXtNcw0u03

  Score

  10^/10

  agentteslakeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2