General
Target: INVO_0000765346700.exe
Size: 831KB
Sample: 210121-wf1nvmn2ye
MD5: 0e7ba71841d588d386f72ce5a9db1ac4
SHA1: f83eb0821ef7a56b4dbc10b1baa46be3d1c966a0
SHA256: 7484614b3839b55e6b0ec7c80032f01aa650cd6ed11ea08f10e3438f0c6810eb
SHA512: 60e7c492316fb2c8e524579c7721d4903dde9f09e53bce39e9456158c76cea21c430642ebb4cbc6bf308b96efae41564e45e707970f46dc15cc838c07208093b
Static task: static1
Behavioral task: behavioral1
Sample: INVO_0000765346700.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: INVO_0000765346700.exe
Resource: win10v20201028
Malware Config
Targets
Target: INVO_0000765346700.exe
Score: 10/10
Snake Keylogger Payload
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext