General
Target: INQUIRY REQUEST FOR QUOTATION Speedwell India.gz
Size: 745KB
Sample: 210624-ff538fpr1x
MD5: 343938206ceba217c28dd73a03c0196f
SHA1: 5d2c5f094d36de29f9d6f5c4516468c9f4d11050
SHA256: 96b9595326cc63e69e0e7f8771b681737f957f4a313b56d2fb9baa06ecab06d3
SHA512: e558ed59af0c4c57195fe515a1cdb29a2c3a18779240106f628c48ab90a56d1da8e7b93ecd9154fb331fd279520264321196357d234aabd2b44c2eb13c9bd23f
Static task: static1
Behavioral task: behavioral1
Sample: INQUIRY REQUEST FOR QUOTATION Speedwell India.exe
Resource: win7v20210410
Behavioral task: behavioral2
Sample: INQUIRY REQUEST FOR QUOTATION Speedwell India.exe
Resource: win10v20210410
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.totalkitchensandbathrooms.com.au
Port: 587
Username: webmaster@totalkitchensandbathrooms.com.au
Password: iVp)4Im_5}(%
Targets
Target: INQUIRY REQUEST FOR QUOTATION Speedwell India.exe
Size: 1.4MB
MD5: 9bfe6b1554fd30018894d120a41f4816
SHA1: c1164ecb978384a43e5a94bb006662f558c602cc
SHA256: eb484e882001a70dbdd0d7d09c9d39b344592e98795e2a475dd636ce87bcc334
SHA512: d91c5560f8b085a1b1e73c09f187a455babfa417efce1d3bb52e248718ec3786540cd3e285e9bf1c407ec957d186c02da4d9abbcdd649fac34ae181bb7bfcf12
Score: 10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext