Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9
-
Size
729KB
-
Sample
240202-c4g84aecdk
-
MD5
fcd5fbce64b30ce17bbd688b8d5d34ea
-
SHA1
1650bcd77bc0c71678d0a231a1d99b3fca5b7608
-
SHA256
90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9
-
SHA512
9dd0b0bee26e52d19b12a78814977e75bf445919868f3d102f8d97ebc61be324fbb6bf5d7870e0ce7c51acf392e03a0266d8c1d1c0958eb219d5f45b5c813205
-
SSDEEP
12288:CayAoIFFHgeg/cjoraEMNGZvrzYfnuaspgr5czQhUl/gHmAxhfGWW4Xr:CayAXFxoaEMNGZvrmnuSrezeUlgPxN1h
Static task
static1
Behavioral task
behavioral1
Sample
90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
us2.smtp.mailhostbox.com - Port:
587 - Username:
[email protected] - Password:
@BPkIlloCGraceD7@1 - Email To:
[email protected]
Targets
-
-
Target
90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9
-
Size
729KB
-
MD5
fcd5fbce64b30ce17bbd688b8d5d34ea
-
SHA1
1650bcd77bc0c71678d0a231a1d99b3fca5b7608
-
SHA256
90d3f9df2eb2441ea38be2e1a0672848863de59f89f99d32abbe5216e5d58cb9
-
SHA512
9dd0b0bee26e52d19b12a78814977e75bf445919868f3d102f8d97ebc61be324fbb6bf5d7870e0ce7c51acf392e03a0266d8c1d1c0958eb219d5f45b5c813205
-
SSDEEP
12288:CayAoIFFHgeg/cjoraEMNGZvrzYfnuaspgr5czQhUl/gHmAxhfGWW4Xr:CayAXFxoaEMNGZvrmnuSrezeUlgPxN1h
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-