Extracted

• • Target

    solicitud de cotizacion.bat.PDF.exe

  • Size

    100.0MB

  • MD5

    10eb6d5b5d7b28859165c4548c802b37

  • SHA1

    583365e2d284286ab0d5b08a2d7e3f3c96191f26

  • SHA256

    fd992317abe43162c2e420c2085eb588011f94e14887704e2baa40ee46388126

  • SHA512

    f1ee38739c4e3696c9663549be54ec3093b304e9998d6ee78c7234729e2f33e0c67f6508d820f5cc67b53cc520ef93a3e4c6a6c475957a28258e6109390da88a

  • SSDEEP

    24576:YqDEvCTbMWu7rQYlBQcBiT6rprG8autKPcz5nMzzZ:YTvC/MTQYxsWR7autz

  Score

  10^/10

  agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2