General
-
Target
000000000009000000.exe
-
Size
2.0MB
-
Sample
210118-bxbgb1b8c2
-
MD5
461c2f7a18021fc7dacfc9b56a0e7f23
-
SHA1
beb1a5817802137d5a59aa901670a87590a7b02c
-
SHA256
0d5b8fae3f5a14d0cccf3e1390d1d1bb8e7a5f09a34d77a7239a359cff80404e
-
SHA512
4ec980338e4c2cc3a71cb8a6a663682e5aa595b0aebabb040ae72cc4c00d7c970b8f9acb9e189e9da67ef27163309f72f2e1cfbd0a73e9ac6bda3f61528e83fb
Static task
static1
Behavioral task
behavioral1
Sample
000000000009000000.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
000000000009000000.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
000000000009000000.exe
-
Size
2.0MB
-
MD5
461c2f7a18021fc7dacfc9b56a0e7f23
-
SHA1
beb1a5817802137d5a59aa901670a87590a7b02c
-
SHA256
0d5b8fae3f5a14d0cccf3e1390d1d1bb8e7a5f09a34d77a7239a359cff80404e
-
SHA512
4ec980338e4c2cc3a71cb8a6a663682e5aa595b0aebabb040ae72cc4c00d7c970b8f9acb9e189e9da67ef27163309f72f2e1cfbd0a73e9ac6bda3f61528e83fb
Score10/10-
Snake Keylogger Payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-