General
-
Target
2023080181301512300.exe
-
Size
654KB
-
Sample
230821-h9lrcsdc8z
-
MD5
211cc9065649db3cd6d2b27b60904f62
-
SHA1
6c724039b6995607dee6d5d6a48b06c806eb355c
-
SHA256
fe8fe2d1a57f344afaebc018a90acfd787b897b2a5baffd045980ff7a5c00bc3
-
SHA512
e9b318ebaaf9b7f69e94521a3554732eade544b6d80c11a3164eca1f14efea35c57aa402081e1db02e01aed9cb8c5528a03623d7418bcb517ac19bf571f6b67d
-
SSDEEP
12288:3W23/gPrk6AQRxwZlOK1q3hfwqrSg/b596cBs2yov2QdOBu5p/I:dwrk6VqOK1q3hfzSg/j6cjyC/dOBu5pQ
Static task
static1
Behavioral task
behavioral1
Sample
2023080181301512300.exe
Resource
win7-20230712-en
Malware Config
Extracted
agenttesla
Protocol: ftp
Host: ftp://peruglobo.com
Port: 21
Username: [email protected]
Password: YSw&oCV&c23w
Targets
-
-
Target
2023080181301512300.exe
-
Score
10/10
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-