General
Target: Q-700004637 1004913.com
Size: 127KB
Sample: 211207-kh522abcf3
MD5: d1702414a52c34e99dabde54e533d8f5
SHA1: 1430af931505c5f0a59637d21871b95524635891
SHA256: 6b3363675164244c512f5f27f200f77238449db1cf0b03fcbec0b7bf5ceeb1c0
SHA512: 2e26bf52a1dbf9c366591f6189cdb844c593c62f6fd2ecd8c773863235bfb33c8a7ea28c5c8471e1e7af7ec2e11feaa4e39d9427c9f035ef394a8ad376ae3ae3
Static task: static1
Behavioral task: behavioral1
Sample: Q-700004637 1004913.com.exe
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: Q-700004637 1004913.com.exe
Resource: win10-en-20211104
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.dentasel.com
Port: 587
Username: kat1@dentasel.com
Password: DentaselKat1*
Targets
Target: Q-700004637 1004913.com
Score: 7/10
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.