Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

SUN ACE TB...oc.exe

windows7-x64

10

SUN ACE TB...oc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SUN ACE TBN VESSEL DETAILS.doc.exe

  • Size

    1.2MB

  • Sample

    241008-e1epxaydnq

  • MD5

    56e68d8bcd3f1cdde361be4cb038e0fe

  • SHA1

    96c6e802499baf1530dde3720184a5d0044b06fb

  • SHA256

    9a9d325dff86bf2b672b9aa003e29b024f6c7fa1c158e2b704affbcb4568b036

  • SHA512

    163279de5e0836037496471a5ce76ec36f6bd66fd67dc8e852d5d2a3d2e542347f867722a2cc5015167793d27eeab1d116ce224ed2b24ad1ba9a1c118b86656a

  • SSDEEP

    24576:ffmMv6Ckr7Mny5QL+eYpzH2he1mlAdEq91nNlU:f3v+7/5QLoFH2h+5EUnNlU

Score
10/10
agenttesladiscoverykeyloggerspywarestealertrojan

Malware Config

Targets

    • Target

      SUN ACE TBN VESSEL DETAILS.doc.exe

    • Size

      1.2MB

    • MD5

      56e68d8bcd3f1cdde361be4cb038e0fe

    • SHA1

      96c6e802499baf1530dde3720184a5d0044b06fb

    • SHA256

      9a9d325dff86bf2b672b9aa003e29b024f6c7fa1c158e2b704affbcb4568b036

    • SHA512

      163279de5e0836037496471a5ce76ec36f6bd66fd67dc8e852d5d2a3d2e542347f867722a2cc5015167793d27eeab1d116ce224ed2b24ad1ba9a1c118b86656a

    • SSDEEP

      24576:ffmMv6Ckr7Mny5QL+eYpzH2he1mlAdEq91nNlU:f3v+7/5QLoFH2h+5EUnNlU

    Score
    10/10
    agenttesladiscoverykeyloggerspywarestealertrojan

    • AgentTesla

      Agent Tesla is a remote access tool (RAT) written in visual basic.

      keyloggertrojanstealerspywareagenttesla

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.