It creates scheduled tasks or registry keys to ensure it runs every time the computer starts.
Data Theft Capabilities
If you tell me more about where you found this file, I can provide:
associated with its C2 server
Removal steps for your specific operating system
Email header analysis to block the sender domain
PL_BFRn.rar
Stealing credentials, keystrokes, and clipboard data.
💡 Do not attempt to open or extract this file on a primary machine. Use a dedicated sandbox environment if you must inspect it further.
Analysis of similar samples (e.g., on ANY.RUN) reveals the following characteristics:
RAR Archive containing an executable (.exe).
Malware Family: Agent Tesla (Spyware/Infostealer).
Connections to unusual SMTP ports (587, 465) or known malicious IP addresses.