Extracted

• • Target

    TT-copies for invoices.exe

  • Size

    1.1MB

  • MD5

    afe81319c38d7fb0c9061492315fd907

  • SHA1

    294e3b75d8fc5bf8afddfa0f7518db11345236c6

  • SHA256

    ebb0798162290ffb9a0e46b0ac35c719044bf93c62d90e056fdf9a41c3fc132d

  • SHA512

    83a3ac8e7818fc60b506d2d4a1c59b91372d59f5499c7e4a601c13784fdee79ab25ae62162306b32dc125621252611096ea7b17b07998f1517f30f535e3c8c82

  • SSDEEP

    24576:lu6J33O0c+JY5UZ+XC0kGso6FaiTmfult3gmWY:nu0c++OCvkGs9FaiTmfOt3gY

  Score

  10^/10

  agenttesladiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Agenttesla family

    agenttesla

  • Suspicious use of SetThreadContext

  behavioral1behavioral2