Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c1bb87d175c0bd11d05b38e15985c040b3c5ff6c64b7d6947784dfd1fb1106e1
-
Size
316KB
-
Sample
230823-kahxjacc4z
-
MD5
3f01be77d073cc37a6e36068761230fb
-
SHA1
97be433de500f3ea20441a38e1e096ec325bd435
-
SHA256
c1bb87d175c0bd11d05b38e15985c040b3c5ff6c64b7d6947784dfd1fb1106e1
-
SHA512
5921e7300159162f849277c75535233635ed60035cd0e61de82f4cda2e0cbe480fa3745eb748496ace7fb042670598b90c0314cca7b034dc5d855cee0ed06ac8
-
SSDEEP
6144:8HLqbN7tQW9oMwTiDzEdnV0olftr0wYjsXMVikV45l:pQlpTY4dfllDYjsXgk3
Static task
static1
Behavioral task
behavioral1
Sample
c1bb87d175c0bd11d05b38e15985c040b3c5ff6c64b7d6947784dfd1fb1106e1.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
c1bb87d175c0bd11d05b38e15985c040b3c5ff6c64b7d6947784dfd1fb1106e1.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
smtp.rapltorsupplies.com - Port:
587 - Username:
[email protected] - Password:
JG%xlMm6 - Email To:
[email protected]
Targets
-
-
Target
c1bb87d175c0bd11d05b38e15985c040b3c5ff6c64b7d6947784dfd1fb1106e1
-
Size
316KB
-
MD5
3f01be77d073cc37a6e36068761230fb
-
SHA1
97be433de500f3ea20441a38e1e096ec325bd435
-
SHA256
c1bb87d175c0bd11d05b38e15985c040b3c5ff6c64b7d6947784dfd1fb1106e1
-
SHA512
5921e7300159162f849277c75535233635ed60035cd0e61de82f4cda2e0cbe480fa3745eb748496ace7fb042670598b90c0314cca7b034dc5d855cee0ed06ac8
-
SSDEEP
6144:8HLqbN7tQW9oMwTiDzEdnV0olftr0wYjsXMVikV45l:pQlpTY4dfllDYjsXgk3
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-