General
-
Target
Halkbank_Ekstre_202110019_095125_132879.exe
-
Size
71KB
-
Sample
211019-rg93xsghak
-
MD5
35c391b0a4b97276489924d5da9ab670
-
SHA1
78dd57eafbb010183079b33f9658e230c12dfa57
-
SHA256
397a92325574242df8c149cfd8b634d9a038c358dff49bf8df97f0cbb8920ec0
-
SHA512
01a62ed624841ddbe6baa6aadbdd11eebd22bb43e3818ec0df37075c16c9d420a0c49f18f92397ba01be567ecd9286a169c14e1d80fadee3d8c6e4925bf358a0
Static task
static1
Behavioral task
behavioral1
Sample
Halkbank_Ekstre_202110019_095125_132879.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
Halkbank_Ekstre_202110019_095125_132879.exe
Resource
win10-en-20211014
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.enmmakina.com.tr
Port: 587
Username: [email protected]
Password: WG7sfIIm5
Targets
-
-
Target
Halkbank_Ekstre_202110019_095125_132879.exe
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-