Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.Agent.COR

Trojan.Agent.COR

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 12,036
Threat Level: 80 % (High)
Infected Computers: 50
First Seen: September 7, 2024
Last Seen: February 9, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Agent.COR
Signature status: No Signature

Known Samples

MD5: ec43ce39d5b7e1215f9ce0a77a9562e5
SHA1: 6b38f5ad1c030b8936c5a65a00e3dc05149a9c9b
SHA256: 93D4ECADBCD00A92C24086CF7082B5556F0D91055C18495CAA05886CC2204681
File Size: 36.35 KB, 36352 bytes
MD5: a7fa7365d6cf7c1851661e683b47d809
SHA1: 5b134950f332c3f7489295b8ecaa223c0a00d54a
SHA256: 4D764675EC6EB78E81C85F156B6239730AB4E1137C4CC4486029A2E72FCE7C04
File Size: 81.41 KB, 81408 bytes
MD5: 0432fc59d8974371a2d16e3d36d40afc
SHA1: 842bd268a011d5805d83c53f0a589b0b236d68ce
SHA256: BA7817E0C13FD02CCCD6DCA61598B27FC4C42567299C3EED217D2FB34E3F8DA6
File Size: 274.25 KB, 274248 bytes
MD5: fe7428f94f1e9e6c936dfea3a3a4bfd2
SHA1: 483b2f78e3436ea5ea852fe3875a5a4d66b15628
SHA256: 05034458984C966E2A014EC925F93D5E3C118964EE8E9D39F1F1FA2D1A8CBF60
File Size: 126.98 KB, 126976 bytes
MD5: 1bdbdb8b9df4b8bda3b14bf4f418311f
SHA1: 102ca51c3a9e1dfe29b7a07d43015bf8913c20ad
SHA256: F52DE961C5B215F78035132AEEB745C27A7CC0E2816FA6FA69C56FCAE9793134
File Size: 266.24 KB, 266240 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
Show More
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Company Name Accelonix
File Description Text extraction from image (OCR) based on Tesseract
File Version 15.0.4.64
Internal Name ACX Tesseract
Legal Copyright Copyright © 2025
Original Filename acx_tesseract.exe
Product Name Accelonix
Product Version 15.1.1111.0

Digital Signatures

Signer Root Status
Priyo Hutomo SSL.com Root Certification Authority RSA Root Not Trusted

File Traits

  • dll
  • No Version Info
  • WriteProcessMemory
  • x64

Block Information

Total Blocks: 421
Potentially Malicious Blocks: 0
Whitelisted Blocks: 276
Unknown Blocks: 145

Visual Map

0 0 0 0 0 0 0 0 0 ? ? ? ? ? ? ? ? ? 0 ? 0 ? ? ? 0 ? 0 ? ? ? ? ? ? ? ? ? ? 0 ? ? 0 ? ? 0 ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 0 ? 0 0 ? ? ? ? ? ? ? ? ? ? 0 ? ? 0 ? ? 0 ? ? 0 ? 0 ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? 0 ? ? ? ? ? 0 ? ? 0 0 ? ? ? 0 0 ? ? ? ? ? ? 0 ? 0 ? 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? ? ? ? 0 ? 0 0 0 0 ? 0 ? 0 0 0 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 0 ? ? ? ? ? 0 0 0 ? ? ? 0 0 ? 0 0 ? ? ? ? 0 ? 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 ? ? ? ? ? 0 ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 1 0 1 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 ? ?
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcConnectPort
  • ntdll.dll!NtAlpcConnectPortEx
  • ntdll.dll!NtAlpcQueryInformation
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtAlpcSetInformation
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtAssociateWaitCompletionPacket
  • ntdll.dll!NtClose
Show More
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateIoCompletion
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateSemaphore
  • ntdll.dll!NtCreateThreadEx
  • ntdll.dll!NtCreateTimer2
  • ntdll.dll!NtCreateWaitCompletionPacket
  • ntdll.dll!NtCreateWorkerFactory
  • ntdll.dll!NtDeviceIoControlFile
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtEnumerateKey
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenDirectoryObject
  • ntdll.dll!NtOpenEvent
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenMutant
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationFile
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryLicenseValue
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReadFile
  • ntdll.dll!NtReadRequestData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationKey
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSetTimer2
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • ntdll.dll!NtWriteVirtualMemory
  • UNKNOWN
  • win32u.dll!NtGdiBitBlt
  • win32u.dll!NtGdiCreateBitmap
  • win32u.dll!NtGdiCreateCompatibleDC
  • win32u.dll!NtGdiCreateDIBitmapInternal
  • win32u.dll!NtGdiCreateSolidBrush
  • win32u.dll!NtGdiDeleteObjectApp
  • win32u.dll!NtGdiExtGetObjectW
  • win32u.dll!NtGdiGetDCforBitmap
  • win32u.dll!NtGdiGetDCObject
  • win32u.dll!NtGdiGetDeviceCaps
  • win32u.dll!NtGdiRestoreDC
  • win32u.dll!NtGdiSaveDC
  • win32u.dll!NtGdiSelectBitmap
  • win32u.dll!NtGdiSetDIBitsToDeviceInternal
  • win32u.dll!NtUserBuildHwndList
  • win32u.dll!NtUserCallTwoParam
  • win32u.dll!NtUserCreateEmptyCursorObject
  • win32u.dll!NtUserCreateWindowEx
  • win32u.dll!NtUserDestroyWindow

29 additional items are not displayed above.

Anti Debug
  • IsDebuggerPresent
  • OutputDebugString
User Data Access
  • GetUserObjectInformation

Trending

Most Viewed

Loading...