General
Target: Hong Jin International Co Ltd -Order Specification.exe
Size: 328KB
Sample: 211125-vejdzafhaq
MD5: 92df1733b209acdae75ad562ed5efb05
SHA1: 61f3dbb886a61a3c5a92076fc76ae0254129aa22
SHA256: 36785b15d49afe5f7a74bc0bd3eba17d3aacd384b1b03452e4f0d32230475dbf
SHA512: 961c1186f62d96160b3376240b36eaea207d5855d5b93559c6cd743bd562cf25fef21a63b587e076cb8ce902a81e654092f404dcbd0cf720c63ccbe42a843fce
Static task: static1
Behavioral task: behavioral1
Sample: Hong Jin International Co Ltd -Order Specification.exe
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: Hong Jin International Co Ltd -Order Specification.exe
Resource: win10-en-20211014
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.swissunionch.com
Port: 587
Username: kelvin1@swissunionch.com
Password: usV(xxUWCa;u
Targets
Target: Hong Jin International Co Ltd -Order Specification.exe
Score: 10/10
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.