Extracted

• • Target

    Cotizacion actual REF20240829000010 PDF.exe

  • Size

    1.0MB

  • MD5

    6f19de2a65a02fd4d1fefc385ca5e57a

  • SHA1

    a0daaf9c5671344226e800d43b584499fd44406f

  • SHA256

    1d10b345a34d808d4f18c868435b130d3e4a61d8281af7fbcec02fdaee43e528

  • SHA512

    3e00c3b1f5214a6f79552f920fd89527214261a02306932fe50943fbf9d441959ba08b3214991cc8e68e291bf6f6dd02fd490fe719e7eb0b688350bf54bb49a6

  • SSDEEP

    12288:Htb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaVTHssJP6sHSxEN6raB9:Htb20pkaCqT5TBWgNQ7aBl+aB0QB6A

  Score

  10^/10

  agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2