General
Target: f223962d913a5a81a1e8ede9f2751d1b.exe
Size: 657KB
Sample: 210721-sves6tm35n
MD5: f223962d913a5a81a1e8ede9f2751d1b
SHA1: 0d68ea4b1b2baac139cf78bad27918f864640061
SHA256: edf4be11c04f2228e6448b9e771f3f8969e8bfcbf914252064c8ee07629c5f4a
SHA512: 8bfd30d10d8fe162a978529b30844bdd069f74e9fbb598bba89e5611352015838b5de068a0e932ebf91358256ef92424aad815436acee29504d89e4ce8b01dd1
Static task: static1
Behavioral task: behavioral1
Sample: f223962d913a5a81a1e8ede9f2751d1b.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: f223962d913a5a81a1e8ede9f2751d1b.exe
Resource: win10v20210410
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: smtp.ccsp-india.com
Port: 587
Username: [email protected]
Password: Lkp$CcsP1008
Targets
Target: f223962d913a5a81a1e8ede9f2751d1b.exe
Score: 10/10
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext