General
Target
6430cb23ebe6fd38dd12dd0a579e9e3b.exe
Size
372KB
Sample
211207-mv4qvabff4
MD5
6430cb23ebe6fd38dd12dd0a579e9e3b
SHA1
0564f13201c8d65ab64842742c761b5bc912b832
SHA256
5405e311e63cb69c69bc2eba909547fca4d91a60e998bcc825c1031cd148f816
SHA512
3e3e6b1b3096961a1b5081204cff23dcd1968fbb7cd5a9cd8dd0859cb1574cfe2581678f62edf4f54f95b481a51513c06255d7adb5c60f263df588fc68b41eac
Static task
static1
Behavioral task
behavioral1
Sample
6430cb23ebe6fd38dd12dd0a579e9e3b.exe
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
6430cb23ebe6fd38dd12dd0a579e9e3b.exe
Resource
win10-en-20211104
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: smtp.metalkerhungaria.eu
Port: 587
Username: srun@metalkerhungaria.eu
Password: wQYQDPh9
Targets
Target
6430cb23ebe6fd38dd12dd0a579e9e3b.exe
Score: 10/10
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext