Extracted

• • Target

    ece6af58d537a911d5f7b5e983ec821e_JaffaCakes118

  • Size

    297KB

  • MD5

    ece6af58d537a911d5f7b5e983ec821e

  • SHA1

    a1d812fd9b96f5260e450689944801a63a6cc056

  • SHA256

    7c7ce4a65537e030d65181b5e29ef6616e4e084723c3ebfc813d6a480392e4f7

  • SHA512

    f1d49092f3387a6f322b189f5e4626a5f09bbb662eff7a61b86a570fd2a9a49c385e1350bef1605d093eff5abf41b9f7ec2e32882b1e43ada1a929f81f5062cc

  • SSDEEP

    6144:+J4exZHiQw4ES8fcQAq4s3F3q290tvsY41C7UFbEba7teI:+OexZH/HcN90tvs5CO17sI

  Score

  10^/10

  agenttesladiscoverykeyloggerspywarestealertrojancollectioncredential_access

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Agenttesla family

    agenttesla

  • AgentTesla payload

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2