Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
696c1cec68428b579bd71cb56cdd28e9e9fd0a03f63584ac3e3783f264717b82
-
Size
745KB
-
Sample
240606-b1gygsdh6v
-
MD5
1126bd6cf0a46fdf06c3665bc7ada595
-
SHA1
59df04fdefe242379373940d61bc0205ffc6b1a5
-
SHA256
696c1cec68428b579bd71cb56cdd28e9e9fd0a03f63584ac3e3783f264717b82
-
SHA512
0e33d08981fd91ced49bbca434cfac5a964e18c28e8671baa013cd8b79dfd261db58f7a8294666aea2949823be4aebbe7864800fe3355eb0914da9fc1db219d4
-
SSDEEP
12288:6gsmZ8iqyJM+cCUYoz7Ch7dVS/L2R7NftgDhrIiKRkjxSDVDvVsP0F91jmMMkR:Ti5OfcCUYyG3VS/L21htErIi3j0DJv++
Static task
static1
Behavioral task
behavioral1
Sample
696c1cec68428b579bd71cb56cdd28e9e9fd0a03f63584ac3e3783f264717b82.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
696c1cec68428b579bd71cb56cdd28e9e9fd0a03f63584ac3e3783f264717b82.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
agenttesla
Protocol: ftp- Host:
ftp://ftp.ultraflex.com.mx - Port:
21 - Username:
[email protected] - Password:
Jgj8-p4Z]a1b
Targets
-
-
Target
696c1cec68428b579bd71cb56cdd28e9e9fd0a03f63584ac3e3783f264717b82
-
Size
745KB
-
MD5
1126bd6cf0a46fdf06c3665bc7ada595
-
SHA1
59df04fdefe242379373940d61bc0205ffc6b1a5
-
SHA256
696c1cec68428b579bd71cb56cdd28e9e9fd0a03f63584ac3e3783f264717b82
-
SHA512
0e33d08981fd91ced49bbca434cfac5a964e18c28e8671baa013cd8b79dfd261db58f7a8294666aea2949823be4aebbe7864800fe3355eb0914da9fc1db219d4
-
SSDEEP
12288:6gsmZ8iqyJM+cCUYoz7Ch7dVS/L2R7NftgDhrIiKRkjxSDVDvVsP0F91jmMMkR:Ti5OfcCUYyG3VS/L21htErIi3j0DJv++
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-