Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7
-
Size
1.6MB
-
Sample
240222-bd9pzshf2v
-
MD5
c1593185065ee09700c89d8c4d12e170
-
SHA1
29f47d63fda09f396fb0d2583b9ed687601ad207
-
SHA256
23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7
-
SHA512
9105d70c84c8f5755b8328fa19e5d91cf82c218ca3ee3e94f9c3011e748939c392361294e02509a763a9fd482e35f297f49cca1cca69821187b69f2ca027c174
-
SSDEEP
24576:4qDEvCTbMWu7rQYlBQcBiT6rprG8aIcrl35sh:4TvC/MTQYxsWR7aIc5Js
Static task
static1
Behavioral task
behavioral1
Sample
23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7
-
Size
1.6MB
-
MD5
c1593185065ee09700c89d8c4d12e170
-
SHA1
29f47d63fda09f396fb0d2583b9ed687601ad207
-
SHA256
23a41237b755ecfe16a2b79fff2b013fa51538799be415c74d53186c1596bee7
-
SHA512
9105d70c84c8f5755b8328fa19e5d91cf82c218ca3ee3e94f9c3011e748939c392361294e02509a763a9fd482e35f297f49cca1cca69821187b69f2ca027c174
-
SSDEEP
24576:4qDEvCTbMWu7rQYlBQcBiT6rprG8aIcrl35sh:4TvC/MTQYxsWR7aIc5Js
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Detect ZGRat V1
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-