General
Target
SK9764567890987654.exe
Size
452KB
Sample
211130-hjm7haeagp
MD5
7e4a306e6e89bfbd5160e22cce80ff8d
SHA1
4560b19b8f0d5a6bff126535987ab4da9ba85cde
SHA256
b8114cd73f45de08a56ad975498bc1edcf69ff67c7f2481273911b5b1ca6d3eb
SHA512
46e0c7d8efac89712098f0d8b894ffea949f5b2a58197b4b452e86bc25241237dc0ef328572b31e2f8d87f0899385604c7712caa02f9c7dacc739cd5c8df9433
Static task
static1
Behavioral task
behavioral1
Sample
SK9764567890987654.exe
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
SK9764567890987654.exe
Resource
win10-en-20211014
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot1483662500:AAGrMuxJV05-It-ke-xXVV6-R6IAtETpJb0/sendMessage?chat_id=1300181783
Targets
Target
SK9764567890987654.exe
Score
10/10
Snake Keylogger Payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext