General
-
Target
0009099889000.exe
-
Size
669KB
-
Sample
210119-bs52fs111a
-
MD5
edab703ee29783721ea20698a5b612a0
-
SHA1
64bb591072817159806aea7c850a2f63527138ea
-
SHA256
9acf2d500081ec8152e15e994cd78b6bc7ac0b5bc812cd92e091a9b49d619cbb
-
SHA512
0b31f7945823a3efb641db5f087849ef0e1113fd5a4e67b1b080d1b201cc863de8d0ec3471bf1dfe01da00256b3ebbf5fee9f299cdddb9c1df1b732344c9baf1
Static task
static1
Behavioral task
behavioral1
Sample
0009099889000.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
0009099889000.exe
Resource
win10v20201028
Malware Config
Targets
Target
0009099889000.exe
Score
10/10
-
Snake Keylogger Payload
-
Drops startup file
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext