Extracted

Extracted

• • Target

    f09814715a247c4a93532cc3aa8ecf108c55494a6b32cbe7dfb424792d1ad33e

  • Size

    1.4MB

  • MD5

    633134941eda076fd3c6f24770b168d1

  • SHA1

    a8241a8b1060a4f645f080a3ede8be6a14d35862

  • SHA256

    f09814715a247c4a93532cc3aa8ecf108c55494a6b32cbe7dfb424792d1ad33e

  • SHA512

    2695dac5d55300e1e2f5cc9c0506de27281010f9fd7a36b3a344436330e517a02de79b2fd743cc13c51560d789f2167b9ff89069139d8fa1aaf394ce6000ff8d

  • SSDEEP

    24576:lanmoB/IJHXop81q1v1RIAhjLoamMiX4lNmZg0YxegPbUIDPP:laVImpVzjLoyEkmZ9Y14

  Score

  10^/10

  agentteslacollectioncredential_accessdiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Agenttesla family

    agenttesla

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2