General
-
Target
a38d11fe4e93ba2f88c70c336a98b0f093508fea47967b5a6a7784a7e5a90017
-
Size
1.2MB
-
Sample
240612-bfvnvaxckp
-
MD5
3f02a2516380a49f81ae8e15e7f548cc
-
SHA1
282b7fca5197f2257c91e61e5dbbcfdcab9df9eb
-
SHA256
a38d11fe4e93ba2f88c70c336a98b0f093508fea47967b5a6a7784a7e5a90017
-
SHA512
4c2d392b2bf2cd3c1a14a5bd7a2aef9b7d84c46c0c0180979bc21bdc3e9ef4a069c8e97d843a43f0cc984003e176b719a21705f4a98ae74a4e9a521e527997a4
-
SSDEEP
24576:iAHnh+eWsN3skA4RV1Hom2KXMmHaYdQOhQHQVQH8bj5QF5:lh+ZkldoPK8YaYibHP
Static task
static1
Behavioral task
behavioral1
Sample
a38d11fe4e93ba2f88c70c336a98b0f093508fea47967b5a6a7784a7e5a90017.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a38d11fe4e93ba2f88c70c336a98b0f093508fea47967b5a6a7784a7e5a90017.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-