General
- Target: e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7
- Size: 1.3MB
- Sample: 240203-b2ymmadhg3
- MD5: 5d762b6b02a088d09c6c5376f2a45110
- SHA1: a178a3968678e68efa5ab44f2343971670fdc10c
- SHA256: e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7
- SHA512: 77af03fb2ad4ea5993f719be031debfee8a5b7956d8c50b4c755a25ad41297f83d1a2e1835b21b136e42eaedbc6f2c2d20400c49d1500b4d3552ff402a43826f
- SSDEEP: 24576:vAHnh+eWsN3skA4RV1Hom2KXMmHan8QnGDLRKbhLBDU+iI3+85:Sh+ZkldoPK8Ya8QnGDLRcLhLiId
Static task: static1
Behavioral task: behavioral1
- Sample: e8c50e1ab136227a4ef046397f413118d48115c559dc5bc2ed4969b4754d92b7.exe
- Resource: win7-20231215-en
Malware Config
Targets
- AgentTesla: Agent Tesla is a remote access tool (RAT) written in Visual Basic.
- Detect ZGRat V1
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext