Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9fcfd49cab037d685a5237f4a8987132.bin
-
Size
730KB
-
Sample
240115-dxz11ahde5
-
MD5
83dfe186895cc412e62b3b11a7d62e44
-
SHA1
d69b9bab131c92340bb72ba7b0e9c5db77f900b3
-
SHA256
c9854648a65f70285fb1922fa04ec64be1865c24c9bf6bcd20d8fcfd6640b607
-
SHA512
d70ed1c223ae0a470754315c6dab831c33e648a8f1d9e336b8ff8f7c2c62290cd1266a970a53e6983d19f195286d755a71432afe4a67909676345d2c0a4e585c
-
SSDEEP
12288:bp5QE3JwFGnFhuRG0f1mbziu9gSvQ/fAx1CoQwSbSk53dKBs:95QE3iFts0ffuySQ/UlQak/Ka
Static task
static1
Behavioral task
behavioral1
Sample
f94d06ef8ca2b0ba82d7b87527ff277b534c80e96fe8d7bff5fb0b8ebe4e65b8.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
f94d06ef8ca2b0ba82d7b87527ff277b534c80e96fe8d7bff5fb0b8ebe4e65b8.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
bezelety.top - Port:
587 - Username:
[email protected] - Password:
IxF(..bSed6k - Email To:
[email protected]
Targets
-
-
Target
f94d06ef8ca2b0ba82d7b87527ff277b534c80e96fe8d7bff5fb0b8ebe4e65b8.exe
-
Size
1.3MB
-
MD5
9fcfd49cab037d685a5237f4a8987132
-
SHA1
556b109fdfa4e2d61504b34f6ffc9f45ad92f3a1
-
SHA256
f94d06ef8ca2b0ba82d7b87527ff277b534c80e96fe8d7bff5fb0b8ebe4e65b8
-
SHA512
140cf8c051a89edffa5a7adb24aae8a11c8f993a69b4f33c6a6274461674179a44adaa0cdfeebac0e16b201d5cf6764bdcbf4f772b09d41472c8de3cb8e0a977
-
SSDEEP
24576:FqDEvCTbMWu7rQYlBQcBiT6rprG8aZaxzcFe+vuapMrF8n:FTvC/MTQYxsWR7a4xuewuaq
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-