Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

742b19fe7e...7f.exe

windows7-x64

10

742b19fe7e...7f.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/02/2024, 08:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    742b19fe7ebb06d9f0e36de5a2034836589f61feb0140eab7261dcdae9c0867f.exe

  • Size

    235KB

  • MD5

    311d5078eb3ae39116ae72c192e3c5a4

  • SHA1

    91d2dcedecf54f5be245264255348809f2e5cc70

  • SHA256

    742b19fe7ebb06d9f0e36de5a2034836589f61feb0140eab7261dcdae9c0867f

  • SHA512

    1ad45d63ec2821422f808260a826d1d084aaf84f2f11bd5ada94753c9539b777aaffe5b4a3bdc60e4737e546a84993291446c7085b9e128f1ed8ecd02325a51b

  • SSDEEP

    3072:ZuCpfeWW++O/8obWxjtSh7ZiXYI2a55GeLMuUI:ZneWW++O/8o0jIhV62ahLM3

Score
10/10
agentteslakeyloggerspywarestealertrojan

Malware Config

Extracted

Family

agenttesla

Credentials

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\742b19fe7ebb06d9f0e36de5a2034836589f61feb0140eab7261dcdae9c0867f.exe
    "C:\Users\Admin\AppData\Local\Temp\742b19fe7ebb06d9f0e36de5a2034836589f61feb0140eab7261dcdae9c0867f.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2620

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2620-0-0x0000000000CA0000-0x0000000000CE2000-memory.dmp

    Filesize

    264KB

    Download

  • memory/2620-1-0x0000000074910000-0x0000000074FFE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2620-2-0x0000000004A00000-0x0000000004A40000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2620-3-0x0000000074910000-0x0000000074FFE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2620-4-0x0000000004A00000-0x0000000004A40000-memory.dmp

    Filesize

    256KB

    Download