Extracted

• • Target

    UKRAINE ORDER.exe

  • Size

    1.1MB

  • MD5

    be568e9ada4c30192e3c7cd70832c0fe

  • SHA1

    3a968539500ff66264094a1b3602ff968f0ea5e3

  • SHA256

    4e6003b77cd84ef993df8a6d25b84af2ea485ec61c501b77dde3891ecf2ca2a5

  • SHA512

    4f371de0f5acbb2996df2d7647a256b34ca2079a96cc81fc8610c87edc450b5c17776eb5b673aceca20b9e091f6df2c578bae63c124f4611bf1e223e1cac9a2b

  • SSDEEP

    24576:rfmMv6Ckr7Mny5QUDNxl3J3fgORq3Xbmb7R4k6YUzL:r3v+7/5QUDzl94Oem+k+zL

  Score

  10^/10

  agentteslacollectiondiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2