General
Target: 901bdc59c476cc6bb91e7bd3716436f972c176094c4479a8309e5560362192ec
Size: 1004KB
Sample: 230307-l36dzahe98
MD5: 569ef44d486d4161655af3633d73a5ae
SHA1: 8f280d6e650835cdfeb60d406a9b81fcaa0a0f33
SHA256: 901bdc59c476cc6bb91e7bd3716436f972c176094c4479a8309e5560362192ec
SHA512: 74d83f76cbfc112a2f4d3d6b9e102166959836b491e8f6a7d0f473743191ee872aa2fe0fea8b32306a17001ef7a107f1f5af0a660c048ad763d4f48f6c35d8fe
SSDEEP: 12288:dHX3FBVmNUfqBe4isYJCM6KV9ZGOY91hb1udYjUGUQ6MPRAhTymycFdNDWnL6:9zYNUfqBpWCiVv2931uCRPRgPyq
Static task: static1
Behavioral task: behavioral1
Sample: 901bdc59c476cc6bb91e7bd3716436f972c176094c4479a8309e5560362192ec.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
Protocol: smtp
Host: cp5ua.hyperhost.ua
Port: 587
Username: [email protected]
Password: 7213575aceACE@#$
Extracted
agenttesla
Protocol: smtp
Host: cp5ua.hyperhost.ua
Port: 587
Username: [email protected]
Password: 7213575aceACE@#$
Email To: [email protected]
Targets
AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext