General
-
Target
0000090800000.exe
-
Size
612KB
-
Sample
210118-y9dk4g488s
-
MD5
6734c7910258d62e1c84780cc7eef6bc
-
SHA1
fae8e810e11fba9a6242d2583fd195c81b9f9f11
-
SHA256
c3d7a2d437b127a3a6732855eb05a8044a6fe889c04fcecc95403e90695f6e87
-
SHA512
017b09cf7258c7a2b2309da211ca50ad3cfccbe8cbefd721802a0227710d0a85302bfc6d3c5925862d296e7fc35e3c647d913c9203b80d0bb64a2229c14d6753
Static task
static1
Behavioral task
behavioral1
Sample
0000090800000.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
0000090800000.exe
Resource
win10v20201028
Malware Config
Targets
Target
0000090800000.exe
Score
10/10
-
Snake Keylogger Payload
-
Drops startup file
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-