Extracted

• • Target

    Ferrecsa D701163.pdf.exe

  • Size

    1.2MB

  • MD5

    861b8fa009a52d4a2a0484b8c2673fb3

  • SHA1

    379c013437d1f2956eb40772281754545a6ad124

  • SHA256

    655a38b1686aa4f75f6dd4f2b59c8e9e09cde9997b46bafbe4e3dee38d859c99

  • SHA512

    5d24eb0674278d40e26db482e06a301ccca675a1454593868929fde24def1dcc6431ecee123fa05ec2907c375d2220d8499e68d15be5343e4e2ace529a6776f8

  • SSDEEP

    24576:jiUmSB/o5d1ubcv7HAUJDeRSCJvYDxsHWaNL5ZUPNZjk9WtI5CtbXosz67:j/mU/ohubcv77qRNBSMNLgPNYWi5Ctzc

  Score

  10^/10

  agentteslacredential_accessdiscoverykeyloggerspywarestealertrojanupx

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2