Extracted

• • Target

    ΛΕΙΠΕΙ ΤΙΜΟΛΟΓΙΟ.bat.exe

  • Size

    100.0MB

  • MD5

    cd0e4667c8f9b880d489189d3c1e3fd3

  • SHA1

    a51846a21b233a8728fcd6039051a5e2a04c7668

  • SHA256

    b0e73613fc800e9c36e405265e2352f5d9684554ac34b364b050af523c146dc3

  • SHA512

    47a25dd790d4ebe5e1a7ca3d93173c5efd4068e8e9db934749bbf1e8cee2ed7bda4679bf9ab7ecbb9bdea58fb443cdb736627e6b5f479e7d262306ea3f3d3dcb

  • SSDEEP

    24576:PAHnh+eWsN3skA4RV1Hom2KXMmHawHfqUZDmRx9W4NKB5:yh+ZkldoPK8YawpZWH2

  Score

  10^/10

  agentteslacredential_accessdiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2