Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f66b142cec2ee6f43eb5a05de6bf30c0b457a0c8fd9cf99fe9689175f616acc9
-
Size
1.1MB
-
Sample
240625-bts26sshlc
-
MD5
57c0ad6188b1cab2ad6176855a880458
-
SHA1
b89447ab4cc4afbfcba5a298594f4373c668c190
-
SHA256
f66b142cec2ee6f43eb5a05de6bf30c0b457a0c8fd9cf99fe9689175f616acc9
-
SHA512
a1abdc02b1d47058d0a2aaaf126af8074c5d9f4ba8a432bd2d10ecd9727881b9dba2611c1aa8fa077a1baee72aa20890775ca877b1a6e9858bd1094ec5263a49
-
SSDEEP
24576:AoZN1AS8yf9EX5Cnmy2HUbrN+X0nOFPqscjHNaThYQQsIZCG:A5FQtaThbQgG
Malware Config
Extracted
agenttesla
Protocol: smtp- Host:
emidco.com - Port:
587 - Username:
[email protected] - Password:
DMmpPxx9c - Email To:
[email protected]
Targets
-
-
Target
f66b142cec2ee6f43eb5a05de6bf30c0b457a0c8fd9cf99fe9689175f616acc9
-
Size
1.1MB
-
MD5
57c0ad6188b1cab2ad6176855a880458
-
SHA1
b89447ab4cc4afbfcba5a298594f4373c668c190
-
SHA256
f66b142cec2ee6f43eb5a05de6bf30c0b457a0c8fd9cf99fe9689175f616acc9
-
SHA512
a1abdc02b1d47058d0a2aaaf126af8074c5d9f4ba8a432bd2d10ecd9727881b9dba2611c1aa8fa077a1baee72aa20890775ca877b1a6e9858bd1094ec5263a49
-
SSDEEP
24576:AoZN1AS8yf9EX5Cnmy2HUbrN+X0nOFPqscjHNaThYQQsIZCG:A5FQtaThbQgG
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
Suspicious use of SetThreadContext
-