General
Target: 51fa78a1b3137cde2cad099e3825f321.zip
Size: 472KB
Sample: 230703-jmvw7agf8z
MD5: dd0310de14e18a484a7ef9f2d31a68b5
SHA1: 3f2be640ebc240330bb29374308ec5d2054f486f
SHA256: 3fa1ecd98e2813f766547077464a004fd1aed554850f539eda2747fce43f63dd
SHA512: 3206ad59a9bf287f34ee0825aa35774d47b673a411b9dbe2b6f25bb620608e271a0ca2ce177731fccaf8b8c92eff222b147c75b8f375c637dc49c83692b6d46e
SSDEEP: 12288:ECx0GdGCXScm9KDTeJfcIC9o3d31YzBY3Sn6xu1BH7sYxxfqp:pxHGpieZvC9o3tkBqSnJ1i3p
Static task: static1
Behavioral task: behavioral1
Sample: Fizetési másolatCT06292023.exe
Resource: win7-20230621-en
Behavioral task: behavioral2
Sample: Fizetési másolatCT06292023.exe
Resource: win10-20230621-en
Behavioral task: behavioral3
Sample: Fizetési másolatCT06292023.exe
Resource: win10v2004-20230621-en
Malware Config
Extracted
snakekeylogger
Protocol: ftp
Host: ftp://peruglobo.com/
Port: 21
Username: [email protected]
Password: YSw&oCV&c23w
Targets
Target: Fizetési másolatCT06292023.exe
Size: 630KB
MD5: 51fa78a1b3137cde2cad099e3825f321
SHA1: c7bbbef38683de5eb911915524ead1eb6c8b3b90
SHA256: 3dedd91d5d734fdea8fa04714e99b1fdcac4c06626ad2e10aa825e71fc18c3c3
SHA512: 2c236bd2910a601b4e2cfb659c09e96eafa526a640b7e15705fafda227e89f49e6f8a6be477a5e1b63264651675fe11bc12226a3d7d11b8f7e5b5229a33e0eac
SSDEEP: 12288:M9Xnc5JdxDe91WvvwZin4A6RRFbrEr7GQvDN81:HxDKwjMRC/Lp81
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.