Extracted

• • Target

    34daedb6adff3093ba3c4f8fd62e63e97298357cac9fe584adfea38bebf1b855N.exe

  • Size

    1.0MB

  • MD5

    3a19fe1cce392122571c5f38b2c9dcf0

  • SHA1

    8fbb84fc60f29b2bd6a3eff198c535c867242f65

  • SHA256

    34daedb6adff3093ba3c4f8fd62e63e97298357cac9fe584adfea38bebf1b855

  • SHA512

    b698bf467f8cf707a8abdaf4a65e2e00756243a1617bc8d850e7c6d14c7f49ca61fab9dc788b05f5a7aeca0d343072cab20205f320e534091aab569204fbb644

  • SSDEEP

    24576:DAHnh+eWsN3skA4RV1Hom2KXMmHaXCg2a4q7jw5:Oh+ZkldoPK8YaXC6N7S

  Score

  10^/10

  discoveryagentteslakeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2