General
Target
COMPANY CATALOG PROFILE- Qingdao Wisdom International Supply Chain Management Co Ltd.zip
Size
676KB
Sample
230327-qfhrlsde75
MD5
3d3b957221feb687fbff10f29354fc44
SHA1
121f143ece5d39bb4ed1efc54c6a65e0a618768e
SHA256
92aaded03ae797099fdc30885e152dbc90c0159a0ec493743aa50a67fdc27097
SHA512
0e34e85a2b78c4b90ebe636b559e45bebf3620e89db4f27c237edcd6403cc614cef1643baab9b52f811bb2ff3eef1bc687bf62ec5bcadf4c6283f3c0eac3062c
SSDEEP
12288:9SmvURUZTW9Z1IhwtoGBGM+4HlcPSPZ9+4J1PDXVNdis631pB8I3wWx+LopPi07X:cmMUZK9Ihwt7B5+4FJ3jdb6TBZ3wzolb
Static task
static1
Behavioral task
behavioral1
Sample
COMPANY CATALOG PROFILE- Qingdao Wisdom International Supply Chain Management Co Ltd.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
COMPANY CATALOG PROFILE- Qingdao Wisdom International Supply Chain Management Co Ltd.exe
Resource
win10v2004-20230221-en
Malware Config
Targets
Target
COMPANY CATALOG PROFILE- Qingdao Wisdom International Supply Chain Management Co Ltd.exe
Size
753KB
MD5
396d3bf7bf022ef37489dba74bf09b35
SHA1
13cd1d0c6b8615e4982689142960b51188d1f675
SHA256
c4ac65ea4af1e9c789530885c0d2bb838b218553a1fb6e2a6c3a40258f3aafb0
SHA512
e62dc758ea6230ecff46aff954594ed4638934a0038651c78b0df1d66f298d9547c828c38bf25dcd21769d091c2a62101bf995d26d8d947cdbf41bf54fd0ea9a
SSDEEP
12288:sA5sB0O6JhZ8FzZ1Ih0tomBGI+Y/7gPOPZ9+4JJP1D/NdasS31XB8U32WP+NoLP6:sA5EuD8FzIh0tBBL+Yz/3rdjS1Bj32Rv
Score
10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext