Extracted

• • Target

    fee11a3f1479f945ae579edc4dfffd15_JaffaCakes118

  • Size

    340KB

  • MD5

    fee11a3f1479f945ae579edc4dfffd15

  • SHA1

    b981e3698680302ec9695127f88112da593317b7

  • SHA256

    b14f41c4f83029cffe92e95429c9facb34c7f7b0378d61e7dbad92415f6abb58

  • SHA512

    33f6a9ccb570789861ee470fbbe9d7cf6e4de711717fee1e1bf98b229516826c1929c50818a6f2ff3c352fbd58cabb9f8c3dfd7d681f3ecde82a5f9e811b9477

  • SSDEEP

    6144:32kYMHGE6rv7pw22PtFT7hILX5GzeCS6iuEGxhXenZyrO4T2OvtGbgg2h4Ti:GIFl9Y2eCS6qeenkCZbgMG

  Score

  10^/10

  agentteslacollectiondiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla payload

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2