General
Target: Vessel details.exe
Size: 760KB
Sample: 240219-jsn1tsbd32
MD5: b94c080f200e5753ea7152dbded67b82
SHA1: 40d6f50acfc666ed9c6d702fce1ff348a3e2340c
SHA256: 13c9a7d889aedbf547fcdbca4e40482fe5c22abdbb16952b8287c2d10e316037
SHA512: 4794b0ff8b712c2b4f9c05fbe83b3be6f32f06f8431644c1e475f5969e392e61080a4a12b4946b870696da3f795878e69b6700f0b8082bc0722ad0b7d081177a
SSDEEP: 12288:I5MYr05MYr85MYrn3zrmeCcGdBCZCNouadKgr9ePz:IGSJvJCddBaCNGe
Static task: static1
Behavioral task: behavioral1
Sample: Vessel details.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: Vessel details.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Target: Vessel details.exe
Score: 10/10
Snake Keylogger payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext