General
- Target: Enercov PO 202246755181.exe
- Size: 845KB
- Sample: 230319-qf89kage27
- MD5: 11aa003966247771c12825963bea52dd
- SHA1: 9664921caacdd9efece3e476fed9e9bb9ef1b6d9
- SHA256: 387899fad2b9f561cc6b2023765354a3b385c5b515b361c3b019ff180d82d550
- SHA512: 8bb7aa630ad40ad98a88fb4abc8204a4650929715dbd2b39ef28526a01757232f8d7b0130c6694b244c0306bba1589513d37fa96ead350cd133efb0d11c8baee
- SSDEEP: 12288:TzCiEpjkjXyuaq8H7406ylH5UVqzemL07hkvY99Ha0eqpDLd4MDsCoMT:T0jkj+h406GaoBL0Sw97eqpDLdCCoMT
Static task: static1
Behavioral task: behavioral1
- Sample: Enercov PO 202246755181.exe
- Resource: win7-20230220-en
Behavioral task: behavioral2
- Sample: Enercov PO 202246755181.exe
- Resource: win10v2004-20230220-en
Malware Config
Extracted
agenttesla
- Protocol: smtp
- Host: us2.smtp.mailhostbox.com
- Port: 587
- Username: [email protected]
- Password: HNnNLPY3
- Email To: [email protected]
Targets
- Target: Enercov PO 202246755181.exe
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- Accesses Microsoft Outlook profiles
- Suspicious use of SetThreadContext