General
-
Target
doc 20212110 91888001990010310.zip
-
Size
20KB
-
Sample
211021-hqdlmsagfp
-
MD5
6bee61989d6f705cac42c1ce3423768a
-
SHA1
309397bf6e3e698b929d040ca3dd5a72422de36e
-
SHA256
aa4ade0c722f951c4435ab67f4cc0350f24fd503f64f0baeb5bba82e4f35be24
-
SHA512
d1876866987a8c882a2dacc6563b475382bdd7f02859bb553b084020d2169990eeaab1646727fc06c0056df5e974cba4704e2de2a522dd78db90f18872c09aa6
Static task
static1
Behavioral task
behavioral1
Sample
doc 20212110 91888001990010310.exe
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
doc 20212110 91888001990010310.exe
Resource
win10-en-20210920
Malware Config
Extracted
snakekeylogger
Protocol: smtp- Host:
mail.enmmakina.com.tr - Port:
587 - Username:
m.gul@enmmakina.com.tr - Password:
WG7sfIIm5
Targets
-
-
Target
doc 20212110 91888001990010310.exe
-
Size
40KB
-
MD5
b196a51786776a6e6949fc981b08816c
-
SHA1
8104e49f0581946130020add11844a6e839a2f00
-
SHA256
a399648a50654e3a023c58ef59055b58816a1a117fb1d661ec207b01cd8bb4a8
-
SHA512
73f6bcf8b1995350055624036316c6dd266ce61055b0c0d9cf092850a330a73b013ea5820085a2ab0fdbded7c3912287894e3b549ee5249dfb73f90d5c42689a
Score10/10-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-