Extracted

• • Target

    NEWORDER20874.exe

  • Size

    1.0MB

  • MD5

    eba6091e692e5babd8aa6cda1ec38b3d

  • SHA1

    f2c9dd10b786339298caffa04891228b8415e650

  • SHA256

    fcb4f6bf4809eb3c287e9fe90a8c6396327976b48af1c0552ab5491f0e45c4fc

  • SHA512

    dfa6f7c0577d0176c16b0a9c90bfcad8061c69984f6684d0cf2d8ae742e9a9332e68ed909d1dac825922ee91807c032d1a88fafe70917a2a14cbc6ffe7ad95b9

  • SSDEEP

    24576:0u6J33O0c+JY5UZ+XC0kGso6Fayp4q1hAMamWY:Ou0c++OCvkGs9FaypB1hOY

  Score

  10^/10

  agenttesladiscoverykeyloggerspywarestealertrojan

  • AgentTesla

    Agent Tesla is a remote access tool (RAT) written in visual basic.

    keyloggertrojanstealerspywareagenttesla

  • Agenttesla family

    agenttesla

  • Suspicious use of SetThreadContext

  behavioral1behavioral2