General
Target: 000909000000000000.exe
Size: 587KB
Sample: 210118-c9pjcpf1nj
MD5: db728ca63b516164bff44c2374a24c81
SHA1: 3d602e1ee511c52dc56c47e9f9430d73384751cf
SHA256: 7976634e38ef319a5d9cab0aa72ed0d8a4ec71ea6449b2f6ee41565828d2f3ca
SHA512: 850b13d709460be7d5bd00d725bbad3d6cef0191fb74d74130194aa8d997440a5ea2d8c16a43f25d306a6876ef2c98197e41258be5784d4eb94cce8d6519c539
Static task: static1
Behavioral task: behavioral1
Sample: 000909000000000000.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 000909000000000000.exe
Resource: win10v20201028
Malware Config
Targets
Target: 000909000000000000.exe
Score: 10/10
Snake Keylogger Payload
Drops startup file
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext