Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2800-20-0x...ry.exe

windows7-x64

2800-20-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2800-20-0x0000000000400000-0x0000000000442000-memory.dmp

  • Size

    264KB

  • MD5

    73a0afb79dd993e9895e9e1a2b2f3d14

  • SHA1

    b8a8b79b6dc8f66fb6085a40c12e84548b2cf2dc

  • SHA256

    d6882d4b6fa5a8a53aaa35a63ca83fa4569a40021fcb5f3548d2d87bbc15851c

  • SHA512

    ffc38c91d257b8a8bd3d1f2b8f8ecbf987ccb33777f6643d9d13f18c4c4ff4d1da5465ba7eed356acfa38e0743307c4b958ea6c5fc6ad7b3008d2bfa411de50b

  • SSDEEP

    6144:yyyEx3Bm8JNUd+kk07NS0EkFJOW+jXQru:AS3Bm8JNUkkk0ZRSW+T

Score
10/10
agenttesla

Malware Config

Extracted

Family

agenttesla

Credentials

  • Protocol:     smtp
  • Host:
    mail.flexwelltour.com
  • Port:
    587
  • Username:
    info@flexwelltour.com
  • Password:
    w$5DC?c5
  • Email To:
    donj5425@gmail.com

Signatures

  • Agenttesla family
    agenttesla
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2800-20-0x0000000000400000-0x0000000000442000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.