General
Target: PAYMENT DETAILS.exe
Size: 576KB
Sample: 210131-5x7qqzy5qa
MD5: f58246abe4c6c20a44a110137d141310
SHA1: 5fac0ab48685e8154bfc3cd3a7fe36f092d990b8
SHA256: 47ffaf572157824fb5a40a2706bd72f3e0e43090c621c9d676031fd80bb35fe5
SHA512: 2ffee4c3994506fdbe3da6aeb7844868b7f12989d3f1717a9d80f1d260cf17340adc5c936ee6dcdf9c24a77ff8f7f375563e88116f08cb75e7f96899948362f1
Static task: static1
Behavioral task: behavioral1
Sample: PAYMENT DETAILS.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: PAYMENT DETAILS.exe
Resource: win10v20201028
Malware Config
Targets
Target: PAYMENT DETAILS.exe
Score: 10/10
-
Snake Keylogger Payload
-
Beds Protector Packer
Detects Beds Protector packer used to load .NET malware.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-