General
-
Target
AO XIANG FZCO Order.zip
-
Size
465KB
-
Sample
240111-q2x4eshaak
-
MD5
459cd973813b0490854ec87d19076549
-
SHA1
ecf1b3824021b21735ef0d5476cafe17f9c83112
-
SHA256
afca7cc06c7a29bd03d1eef16dfa92d07c6ff8ea6dc94486df9fdca99e6539aa
-
SHA512
0c22207dfb7d1d92e234dcae532f8b107f7693343dc7c22447ac37d2388b4617ee8a399a0d8e0bc0c888c0ba964a1405c285e75e9eafea22b61b4fb41111c0f2
-
SSDEEP
12288:racxJgEkpgTwBdAYJPrWYBg6U8+vR2xbbfCK15Ckc2:ram6TOTuZjW+o8+vcXh15XB
Static task
static1
Behavioral task
behavioral1
Sample
AO XIANG FZCO Order.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
AO XIANG FZCO Order.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
AO XIANG FZCO Order.exe
-
Size
824KB
-
MD5
6abf9774f4de80024cde72bd2200834c
-
SHA1
71b97fad458bb9a92b50bef5581969dff2dea71f
-
SHA256
54e6afb0e1d73c40ef7469640af6788fe46dfff38ac239ce66ba1fc9acbc788b
-
SHA512
fcf8e1bfa3868f0854436ba4b7c507c6b572a9e8cfe974ca654d6d744319ebd90091dba016a87427fe31b0272ce090a46554bb525eb03e553af431ddbc0fa327
-
SSDEEP
12288:fhsc0NQMU2IFLmtAodzVOdQdoyRYOrcritRdhUHlPdB6VeVQbW:ff8VGLmeoXOSdjRsutRdhUHpdgV7
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-