Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.Agent.DTRE

Trojan.Agent.DTRE

By CagedTech in Trojans

Analysis Report

General information

Family Name: Trojan.Agent.DTRE
Signature status: Hash Mismatch

Known Samples

MD5: a984eaec79d697b3233ab5cb93f5a154
SHA1: 6cf304a37a5f503db3a5f617d3ce51146b2a403e
SHA256: 9F4D3FAE43CF6672EFC0E373F893A72271C0D0B5AFC3FC2583759AA643BA9628
File Size: 1.49 MB, 1485544 bytes
MD5: 033cf1cb21d8b40b3ef37979f068aeec
SHA1: 2680bbcf491ad34042eac0b3372e9421c1333b2a
SHA256: 2A38FD98949AF3AC17AF778F9EA23DDA6731FBBE0CED706E006DD537FF5B71CD
File Size: 1.48 MB, 1476840 bytes
MD5: ad01049ae87cb2bd946807a07a41397a
SHA1: a957b463f03695d9fdf8f32425f4acea465aeb48
SHA256: 23C89E3252A473A2FD6BCAE89C6AAEB9CD0D9A65E92B40EC329F6CB938FAF50F
File Size: 1.49 MB, 1492200 bytes
MD5: 71a4ccda7e9e9fd43e498a2d4f15aa0a
SHA1: e217a7aace80b08b88a8730f94eca336e5992bbb
SHA256: D9943B9266274CB261B9491C6DD34AE2C8F053861AD7211DA387D06E9D419056
File Size: 1.47 MB, 1467624 bytes
MD5: 7ede429e2f5d6500e851b17c331f89eb
SHA1: e26adf3e4280d5df421499872ab1a8f9c4aa4f2b
SHA256: F7EF3E972A12E81ABB04435DC31F486FEF7D84111B588119F3D1EDAB8A63FA1B
File Size: 1.47 MB, 1465064 bytes
Show More
MD5: 994dd53e867cfd469ca325db260f3b3f
SHA1: dcde2b0f680501b6b6eb090ab8bf492169796959
SHA256: 2A4858B984D7C4789B72317A473B51F8AFBB5B8F46E7427D0F13BB66B4098B24
File Size: 1.47 MB, 1470696 bytes
MD5: f4409252b3deeaf76b805eb73aea9aba
SHA1: bfbbfe41bedfeca8f8cefd1d0d02582c086800d4
SHA256: 8BFB5227973FB49599252E97D2EB934F8A913E01A438A033BD229030E552D508
File Size: 1.47 MB, 1474280 bytes
MD5: 3dd13898ea2be001bc195e3a80a48e86
SHA1: c8ceda619108b4501cf251341f6a07ca8a71f869
SHA256: 07B614362902F72BFF5C4CEF10152EF0890B9EBBE1BCA06C8A109D8960B6AFAE
File Size: 1.48 MB, 1482984 bytes
MD5: d283524643a0f4a46cd3d321a5a8ece1
SHA1: 86f8c57014ccbd01771d83ebafc11d6ac230fc18
SHA256: 5380DB69AEEF4C5E12DA3D72F9C773DC2320E09DCD785358B2F6DBF4DAC65C68
File Size: 1.49 MB, 1488768 bytes
MD5: 21d787aac8c3244d929f267867dc0171
SHA1: ecb8efebc0839edf2c86465eb12a69b14df78f1d
SHA256: 08DF8027543A02D7B6D98E483134F44C7306D3562F8D284EA1F054AD8F26ED95
File Size: 1.47 MB, 1468288 bytes
MD5: 007edb010e02ea11275f542371d08588
SHA1: 791e54b6dd030512bcff0c4d4e2c4e3a28de98ba
SHA256: E277A86516C364A767B927D8269E3C7B555C6A1DE1E15EFC37B77A2E8C310B81
File Size: 1.48 MB, 1475968 bytes
MD5: b9f54f10b93fa318e557f98434c476b2
SHA1: 2f2733cab477f457eaa232b1d99863c1db725f74
SHA256: 217B011E3D443694C0DAF339159ACD94E8B0F7B419D59F518F9B52A7D881B609
File Size: 1.47 MB, 1470696 bytes
MD5: 64f218aa192dbca397d995420036b3bb
SHA1: 6c7600cad3a38b76cd8dcca0b9b45df8198258a3
SHA256: E4DA33899ABDAC51840ADF762CB6C674441033CF3CBE3172A138A6B188B96689
File Size: 1.49 MB, 1493224 bytes
MD5: 7f57c1c6605fd34796642c4c4c6b40c8
SHA1: e455eed80a2ad798e863ed1db734ec9d39ae841a
SHA256: 0471352C586BA97128459BB57E9F48CBBCB0406A500A5BBC1F43D0AF3BCF332A
File Size: 1.46 MB, 1456360 bytes
MD5: e34099c45bedd264e2a222d8dd37a904
SHA1: a1d5ec4a93cccc10475bd144924395ea2f25cfdf
SHA256: 403E65F76858A55C382C91F778790685FA3A50DE4139E7CED25299D176E88975
File Size: 1.45 MB, 1449704 bytes
MD5: 897b947e2e51e92dcd7186bc80636ba7
SHA1: 33789fef00448f1323d511ae10e35bde00e58e8a
SHA256: 19A6E3C9465B0C8EDB3B875CA6140BA3686E8748F38869FDC2E0FB4A4D189039
File Size: 1.49 MB, 1489640 bytes
MD5: 937b11a65d134c0e36ae8d034baaaa10
SHA1: 64fac4c2f9abd3783ebf0deb7c0bc8410fd79668
SHA256: 621C2E4974F316E3D5E0B9D087F0F90129928DC5F1421E29C0342E52BE877EEA
File Size: 1.48 MB, 1482112 bytes
MD5: 21468cc50ef8bbb906ba9ded3ebe60d9
SHA1: 15fb151e727034a4e77520764c08eb5ae2ed3512
SHA256: 54909D40CE78029C04FED89F708582BFF686376B83EFC33EBDEBA9AE244829F6
File Size: 1.48 MB, 1481448 bytes
MD5: f8c1dffed89f8faf6ff6dfde84d34be0
SHA1: 6a7bc7fdecbce713f1ecb687ea2d9cabd294e2ca
SHA256: 131F43593F4F88C03CF27E5F98918B189CD8B766FA52AB95A72978D9F81FDAC4
File Size: 1.49 MB, 1488104 bytes
MD5: c96daafaab56d6e44469f955c02e8d17
SHA1: 40af6364dcbeb3e7e0e3a38841112f7ff5d7f7ad
SHA256: 211C40106F536ECDFAD90134E9949D9E3F96E056F85A4A9942CF86B520C3C551
File Size: 868.07 KB, 868072 bytes
MD5: 6453c2ac53d89c41c58747f7955e97b9
SHA1: 7178458cd98f6150ac7d508413a84fc6ce8fd3b6
SHA256: 634C03852C6C6083B37FE956AB15369EB382A36F9A9A34FC45E135DA8F48D5B7
File Size: 1.51 MB, 1509096 bytes
MD5: da2ed0c782ad23cb6d0af7f2dcac57d3
SHA1: c2015c79b83708b6756cc1a853e831c0ac58002f
SHA256: 27EA399A31CEC1A5317F187745793395F706C448D53E017B53729C841A40501C
File Size: 1.48 MB, 1481448 bytes
MD5: 19543bdac0e3dfaf12404ac1b8224968
SHA1: 78a039e4b68547d1452f66e96c8a8406b186bf71
SHA256: CCA7E63DEF61869AC02284BCD345152C2364534081B67A1F4F5CCA13223C6736
File Size: 1.46 MB, 1457384 bytes
MD5: 194cbaf1570946662727c20582250f7f
SHA1: 4fbcf98d260694ae9ead8ed7c0bab0effaed52c6
SHA256: B35BB1CEC6D83368AAF42C4493AFC64592F2B393C2921CB0B6F04F73BFD95889
File Size: 1.48 MB, 1475816 bytes
MD5: ca4edb97cd9a8f267b914fbc0daee172
SHA1: 87261f22bbf462931c1cc11ae6f91a87e5607c11
SHA256: C9870F7675772B0663E40C4A30506CA1B799447F20412BC85EB7DE9D2700BC1D
File Size: 413.18 KB, 413184 bytes
MD5: 84c9b79ef002ca6a9184b03fe44c6738
SHA1: 75f262b272b0924848e582b70bf34533594a1622
SHA256: 07AB0CC2ABE6AAD21DF1A9CEF5D082DF2BE5E5010EEFDF4D2DBBF2749DEE502A
File Size: 1.48 MB, 1481960 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have resources
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
Show More
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name Aethereal Company
File Description Aethereal Platform binary
File Version 21.0.0.0
Full Version 21-aethereal
Internal Name jpackage
Legal Copyright Copyright © 2026
Original Filename jpackage.dll
Product Name Aethereal Platform 21-aethereal
Product Version 21.0.0.0

Digital Signatures

Signer Root Status
Oracle America, Inc. DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 Hash Mismatch
Wireshark Foundation Sectigo Public Code Signing Root R46 Hash Mismatch

File Traits

  • dll
  • fptable
  • x64

Block Information

Total Blocks: 1,678
Potentially Malicious Blocks: 497
Whitelisted Blocks: 1,171
Unknown Blocks: 10

Visual Map

0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x x 0 x 0 ? 0 0 0 x ? ? x x x 0 x 0 0 x x 0 0 x 0 x x x x x x x x 0 x ? x x x x x x ? 0 ? ? 0 0 x x x x x x x x 0 0 x x x x x x 0 x 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x x x x 0 0 0 0 x x x x 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 ? 0 0 0 x x x x x x x x x x x x x x 0 x 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 ? x 0 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 1 x 1 x 1 x 1 x x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x x 1 x 1 x 1 x 1 x 1 x x 1 x 1 x 1 x 1 x 1 x x 1 x 1 x 1 x 1 x 1 x x 1 x 1 x 1 x 1 x 1 x x 1 0 x x x x x x x x x x x x x 0 0 0 0 x 0 x x x x x x x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 x 1 0 x x x x x 0 0 0 x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 2 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Agent.DTE
  • Agent.DTRE

Files Modified

File Attributes
c:\users\user\appdata\local\temp\1231635415.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\1939092182.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\2403958052.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\2595185377.txt Generic Write,Read Attributes
c:\users\user\appdata\local\temp\4024171704.txt Generic Write,Read Attributes

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
Show More
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • ntdll.dll!NtWriteVirtualMemory
  • UNKNOWN
  • win32u.dll!NtUserGetKeyboardLayout
  • win32u.dll!NtUserGetThreadState

Trending

Most Viewed

Loading...