Pl_bfrn.rar Online

Scans for credentials in Outlook, Thunderbird, and FileZilla. Screenshots: Periodically captures the user's screen.

Analysis of similar samples (e.g., on ANY.RUN ) reveals the following characteristics: RAR Archive containing an executable (.exe). Malware Family: Agent Tesla (Spyware/Infostealer). PL_BFRn.rar

Stealing credentials, keystrokes, and clipboard data. Scans for credentials in Outlook, Thunderbird, and FileZilla

If you tell me more about where you found this file, I can provide: associated with its C2 server Removal steps for your specific operating system Email header analysis to block the sender domain Scans for credentials in Outlook

Targets Chrome, Firefox, and Edge for saved passwords and cookies.

Check %AppData% or %Temp% for randomly named .exe files.