General
-
Target
REQUIRED UPDATED SOA.pdf.exe
-
Size
591KB
-
Sample
210118-ks316txx8a
-
MD5
ee7673e9718c0ea2c15cc3b75548fea6
-
SHA1
04fe416ede15f7a0873609fe0660263a6cb7dd95
-
SHA256
ffd9ef759aa1fbd3370a8410771878b7ae941d0c60c5ce41d705aa18e4e59958
-
SHA512
5077e3d64e5309eb54d4e1c85b121847d0a038301008e0c0a732303e6be85ebd9e6553c662268530110233babe4f8dce7156c2a58398ca827818892713245328
Static task
static1
Behavioral task
behavioral1
Sample
REQUIRED UPDATED SOA.pdf.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
REQUIRED UPDATED SOA.pdf.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
REQUIRED UPDATED SOA.pdf.exe
Score
10/10
-
Snake Keylogger Payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-