Extracted

• • Target

    3b7c5b3117fecc6bec8c097a17207a78_JaffaCakes118

  • Size

    365KB

  • MD5

    3b7c5b3117fecc6bec8c097a17207a78

  • SHA1

    bc690c993df53b479a4177fc363bb843f9be3b91

  • SHA256

    153ebc5a6d6de297a0dea7ac64e03d057b0f5e7444e85e33404743e066712071

  • SHA512

    2215b2764116be28b099aa146389882c5612b150b76d6519d48a4f1ee0e7e22af2f021febc31aa563e3d7143d766056e1489b64ccb6d874bfd9b3b1765cad4d2

  • SSDEEP

    6144:u6trRiOnnmmt3pgmWGjco9lm6/uXww943ijmlyMN2ymDrYqD:u6trRZVDDrjcomwe5jmweMT

  Score

  10^/10

  discoveryagentteslacollectioncredential_accesskeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • AgentTesla payload

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2