Extracted

• • Target

    PO NO1492024.exe

  • Size

    1.0MB

  • MD5

    07ac7514d2c3a5a9d6767fadb6c07ebd

  • SHA1

    f52186bc5236db7a15eb49e38ed5d8fa8e5e45bc

  • SHA256

    31c81dacc488b878b2f13297e0f8d7f2ad677adb681e6d5629953a4442b768fc

  • SHA512

    d0724f0f6ef2e984c1b3634262108e6b6390394db3907e370adf9668017301fd4db6c0f42e0d9753fbb014688859a9b128e665474bbf3d7b217863ac11141b6d

  • SSDEEP

    24576:Fu6J33O0c+JY5UZ+XC0kGso6FaTEmGQoQsvEJWY:Hu0c++OCvkGs9FaTEvQmvVY

  Score

  10^/10

  agentteslacollectiondiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Agenttesla family

    agenttesla

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2