General
Target: COMPANY CATALOG PROFILE- Qingdao Wisdom International Supply Chain Management Co.exe
Size: 850KB
Sample: 230325-q6dwcach82
MD5: bc1750d3dd4ce0c280e70c8d5a34a0f2
SHA1: d7833667fd43a7e279e955172753f0241bc90437
SHA256: 62f5e65e9a302bda217c87d771ecf0e97bbfd65c6ba64fd1bb8ccdb08b89dbfd
SHA512: e4803f8eaac3ac4e49cb725e4fa793ef837d2e4e68b92ebd98189bf8e5f5919346051ae9aee5396b0842c8a433b3f335664ad09bd0d57008852384fabd0d9221
SSDEEP: 24576:d+FMKUujjIZ/63q9uQqLl68nByaftyE5JM:d+FMpujM/F9Ml68n
Static task: static1
Behavioral task: behavioral1
Sample: COMPANY CATALOG PROFILE- Qingdao Wisdom International Supply Chain Management Co.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: COMPANY CATALOG PROFILE- Qingdao Wisdom International Supply Chain Management Co.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: COMPANY CATALOG PROFILE- Qingdao Wisdom International Supply Chain Management Co.exe
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext