General

  • Target

    26092024_0459_25092024_w10PO.rar

  • Size

    589KB

  • Sample

    240926-fmnlbsyfjn

  • MD5

    10592d5ed6cbacd1cd4dc050bce229b6

  • SHA1

    61a6715e4dbca5463949a1af1b48d65ac086ae57

  • SHA256

    63740e867565e32e2dff07b1a847c9cb41b7857ae05914ab855f7df82f71e9de

  • SHA512

    350580c98ffc6b88cf51b738cf86c0e54c2d8aae1e628c65adff8b9f94dacd33ab22ab382bceede3613a31eb458ce7a0034fa73d38abb2fea4614dbe212163d1

  • SSDEEP

    12288:p+6Us22R24Q4HNJiCyn4jakiE14KCU6oxXLE8x+EaT2Qm/Wg8e25:pSR0W4tJiCZjakf1XCUbxXLtnjw

Malware Config

Extracted

Family

snakekeylogger

Credentials

Targets

    • Target

      구매 주문.exe (Korean: "purchase order.exe")

    • Size

      942KB

    • MD5

      5c10967b59a71f6a98598350c49cc44b

    • SHA1

      27a239efb62d33a5f70c8bf1759b7a81349d88b8

    • SHA256

      3bd91515dfd11609bbac1c83dabdf5caede5c7556fb4f3823de320aa117af86b

    • SHA512

      113a637cbef3b5137568523285ec654f273105c5339483831f7167488c7ff403a92e15036f94390c8c03a2921b580e7c2076ad5ae8c1685e8b4e65e5e86e9fc6

    • SSDEEP

      24576:uRmJkcoQricOIQxiZY1iaCYcFJspLKDmG:7JZoQrbTFZY1iaCYcbsp0

    • Snake Keylogger

      Keylogger and Infostealer first seen in November 2020.

    • Snake Keylogger payload

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
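To confirm whether a file on disk is the archive or the dropped executable described above, the four standard-library digests from the report can be recomputed locally in one pass and matched against the listed values. The script below is an added example and is not part of the tria.ge report; the hash values are copied from the report, while the function and variable names (`REPORT_IOCS`, `digest_file`, `match_iocs`) are this example's own. SSDEEP is omitted because it needs a third-party library, and an exact-digest match is what an analyst needs to tie a file to this sample.

```python
"""Check a file on disk against the hashes tria.ge reports for this sample.

Added example, not part of the tria.ge report. The hash values below are
copied from the report; every function and variable name is this example's
own choice. SSDEEP is left out because it needs a third-party library.
"""
import hashlib
import hmac
from typing import Dict, Iterable, List, Tuple

DIGEST_ALGOS = ("md5", "sha1", "sha256", "sha512")

# Indicators copied from the report: the RAR archive and the executable inside it.
REPORT_IOCS: Dict[str, Dict[str, str]] = {
    "26092024_0459_25092024_w10PO.rar": {
        "md5": "10592d5ed6cbacd1cd4dc050bce229b6",
        "sha1": "61a6715e4dbca5463949a1af1b48d65ac086ae57",
        "sha256": "63740e867565e32e2dff07b1a847c9cb41b7857ae05914ab855f7df82f71e9de",
        "sha512": "350580c98ffc6b88cf51b738cf86c0e54c2d8aae1e628c65adff8b9f94dacd33ab22ab382bceede3613a31eb458ce7a0034fa73d38abb2fea4614dbe212163d1",
    },
    "구매 주문.exe": {
        "md5": "5c10967b59a71f6a98598350c49cc44b",
        "sha1": "27a239efb62d33a5f70c8bf1759b7a81349d88b8",
        "sha256": "3bd91515dfd11609bbac1c83dabdf5caede5c7556fb4f3823de320aa117af86b",
        "sha512": "113a637cbef3b5137568523285ec654f273105c5339483831f7167488c7ff403a92e15036f94390c8c03a2921b580e7c2076ad5ae8c1685e8b4e65e5e86e9fc6",
    },
}


def digest_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Feed every chunk to all four hashers in a single pass; return lowercase hex."""
    hashers = {name: hashlib.new(name) for name in DIGEST_ALGOS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Convenience wrapper for in-memory data."""
    return digest_chunks([data])


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream the file in chunks so large samples are never fully read into memory."""
    def chunks():
        with open(path, "rb") as f:
            while True:
                block = f.read(chunk_size)
                if not block:
                    return
                yield block
    return digest_chunks(chunks())


def match_iocs(digests: Dict[str, str],
               iocs: Dict[str, Dict[str, str]] = REPORT_IOCS) -> List[Tuple[str, str]]:
    """Return (indicator name, algorithm) for every reported hash the digests match.

    Values are lowercased before comparison, and hmac.compare_digest is used so a
    digest of the wrong length simply fails to match instead of raising.
    """
    hits: List[Tuple[str, str]] = []
    for name, expected in iocs.items():
        for algo, want in expected.items():
            got = digests.get(algo)
            if got is not None and hmac.compare_digest(got.lower(), want.lower()):
                hits.append((name, algo))
    return hits


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        hits = match_iocs(digest_file(path))
        verdict = ", ".join(f"{n} [{a}]" for n, a in hits) if hits else "no match"
        print(f"{path}: {verdict}")
```

Run it as `python check_sample.py suspicious.rar` (script name is this example's own). A hit on any single algorithm is reported separately, which makes a partial match (for example an MD5 copied from a feed but a differing SHA256) visible rather than silently collapsed into a yes/no.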

MITRE ATT&CK Enterprise v15

Tasks