General
Target: 69061f74cdb3e055257f8b539f084cc1095a7c3ee7301522dafa5e1ca8b8fb04
Size: 1013KB
Sample: 220929-khp1taabf5
MD5: 917dbc2b27a9d0956cdd8539115e9e31
SHA1: 8f24c4cd684a538d766854e14e1a87059c371e71
SHA256: 69061f74cdb3e055257f8b539f084cc1095a7c3ee7301522dafa5e1ca8b8fb04
SHA512: 894341a781d7d6a6558950249df558b640e2d93f1f1b3aefb37da7e07ade774f440163829de14f30af527269e108c6842ad6c0f300e47583aa0f68341f52ca8b
SSDEEP: 12288:hG2iNMrmm1kzjzbkQrhf8zTscxqNGOMbQih1VPN3yGAcV1ObYBzn/BGkT:M1AB1pHEibQm9IcusFnZ7
Static task: static1
Behavioral task: behavioral1
Sample: 69061f74cdb3e055257f8b539f084cc1095a7c3ee7301522dafa5e1ca8b8fb04.exe
Resource: win10-20220812-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: [email protected]
Password: *OVvvfp9851Wg
Email To: [email protected]
Targets
Target: 69061f74cdb3e055257f8b539f084cc1095a7c3ee7301522dafa5e1ca8b8fb04
Score: 10/10
- Snake Keylogger payload
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext