General
Target: c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6.exe
Size: 1.1MB
Sample: 240608-h45bhsab3v
MD5: eab04ba8851e5ff9a16555aa714be99c
SHA1: d8bd9ac62747f146088d69cc4f97385535c78241
SHA256: c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6
SHA512: 79a19e05c33eb5fd817f1151d673278b8a1c0fdca6e3d1fbb8684224608690141c436fd63e30b0e89504224ef484909369859a5af436b47c775d85e5532c618c
SSDEEP: 24576:XAHnh+eWsN3skA4RV1Hom2KXMmHaJqL08fAAW5:Kh+ZkldoPK8YaJqLJfAR
Static task: static1
Behavioral task: behavioral1
Sample: c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
agenttesla
Protocol: smtp
Host: cp8nl.hyperhost.ua
Port: 587
Username: [email protected]
Password: @qwerty90123
Email To: [email protected]
Targets
Target: c0cb57fc9baa9ee1d50147c106a363d2c6533f39f3cc4d509294b1faeef9eac6.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext