General
-
Target
SecuriteInfo.com.Trojan.Inject4.6572.15229.26543.exe
-
Size
961KB
-
Sample
221122-p6cgvagg61
-
MD5
37ec92d6d742fadd1d398d92153bcf70
-
SHA1
e80d54c9b7bc5ea5dd717122a380ac62f631e532
-
SHA256
7b2c22135a593218b38f180ac6147283ef45f35965caacec43cfb4db3aead0c8
-
SHA512
2cf907a39b1f3aab74a5ce96f0c26839fd38c9edb476910baa66d42d48155a36a510eb7fe7c2193409eaf18f2b30411b56267700efe0fccb7132be625813ca3d
-
SSDEEP
12288:GqSSSgsEoLpvkoYyBLeNATTO56Cfp9PyUZvkOjkTwA6j9MvFnJh8uyrTSJeAzO4q:cbEwxfiNATqvx9P9WO1GvFJn+TyI48
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Inject4.6572.15229.26543.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.Inject4.6572.15229.26543.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
agenttesla
https://api.telegram.org/bot5303328165:AAF7HxnjN67EBIegVs-MwZqBsR_i0699CXE/
Targets
-
Target
SecuriteInfo.com.Trojan.Inject4.6572.15229.26543.exe
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-