General
-
Target
9119a914907a0e257b420f2b500a85ab.exe
-
Size
480KB
-
Sample
210117-qpwhxv1lln
-
MD5
9119a914907a0e257b420f2b500a85ab
-
SHA1
20a24a50a06886d44faced1a80c51e5b477fc8bd
-
SHA256
2394c4fb7bea229f3842aeb5d70bd61a42b2d93a8ed2054f35dd497370602e43
-
SHA512
8c0ea5b815df947607f1b0749cf1eb9b079aeec924cb6914f900fcc6219ba4c06baf05902099f469de04536e92dbed87d21e2f646ccd27ed49a954d988567762
Static task
static1
Behavioral task
behavioral1
Sample
9119a914907a0e257b420f2b500a85ab.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
9119a914907a0e257b420f2b500a85ab.exe
Resource
win10v20201028
Malware Config
Extracted
Protocol: smtp
Host: pro40.emailserver.vn
Port: 587
Username: [email protected]
Password: Vexa@2013
Targets
-
-
Target
9119a914907a0e257b420f2b500a85ab.exe
Score
10/10
-
Snake Keylogger Payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-