General

Target: INV_098789.exe
Size: 474KB
Sample: 210120-rdgrg9qm3e
MD5: add006df937fd85501cc5722e9e23dc8
SHA1: 49064657d66f66292daf07564f471c23b33bf3e7
SHA256: d86b3acfe2d1e7d16c024f51e56bcba13b05390cea05f6b31e146d172bb2b082
SHA512: 130a06a4475840aa7ddebbf6129f62079d44e95714f41d0e5e2335053737ce943c8b710b179f551a99e4fc0189c0bdc2e0c29a0aa6662ca6777751e2f17f91f0

Static task: static1

Behavioral task: behavioral1
Sample: INV_098789.exe
Resource: win7v20201028

Behavioral task: behavioral2
Sample: INV_098789.exe
Resource: win10v20201028

Malware Config
Targets

Target: INV_098789.exe
Size: 474KB
Score: 10/10

Snake Keylogger Payload

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext