General
-
Target
INV0009876.exe
-
Size
666KB
-
Sample
210119-6aqdhbge5x
-
MD5
2f7ea13f989e231b54104840f0ca91ce
-
SHA1
69e1a342cfaed1eaf5e3daa0427a3715be32c967
-
SHA256
3bea531a02c14fe09f631ee0f957d12bbf07085c666ee0c5f05de926e88d40c8
-
SHA512
8abee6f0b36140e1404279d8a3e71c8bce5e2168cdc2f128349e439e95860d5ccaf1905bc585d6a0fd51d050a56ebfb6819f9836ac6422281ed5dab6cd410fd3
Static task
static1
Behavioral task
behavioral1
Sample
INV0009876.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
INV0009876.exe
Resource
win10v20201028
Malware Config
Targets
Target
INV0009876.exe
Score
10/10
-
Snake Keylogger Payload
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-