General
- Target: 32e3f433b732245bcd8a27d204a770fc82d70010f3cb1549dc91f04d24849941.zip
- Size: 191KB
- Sample: 220521-jsq57aebhr
- MD5: a0c70f227e1c25ab8096453b3fce4786
- SHA1: a8fcea0598a00be4e96a91dbed078887015c7f61
- SHA256: db3ff97d0dc9d07beddcf60b3062e3d6f325e4abf134b0908b5299784b92d49f
- SHA512: 5cec8df65041dac334a79e1188a17ed37c0a9d0a0080db6df5c9ee345fe70d870980385dcc67b6c2040f2ed6953966f6a84040eb75fa0cb27d7f9f29b3f8f8fe
Static task
static1
Behavioral task
behavioral1
Sample
32e3f433b732245bcd8a27d204a770fc82d70010f3cb1549dc91f04d24849941.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
32e3f433b732245bcd8a27d204a770fc82d70010f3cb1549dc91f04d24849941.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
- Target: 32e3f433b732245bcd8a27d204a770fc82d70010f3cb1549dc91f04d24849941.exe
- Size: 229KB
- MD5: 773aeb8b7d2c978f5e6827e3156a5115
- SHA1: 5cf948bc30bca89a8b32ed38c5c723cca13fa196
- SHA256: 32e3f433b732245bcd8a27d204a770fc82d70010f3cb1549dc91f04d24849941
- SHA512: 5b76cc3802f7809bbb389048358bb0374273406492445c75abe301342ba9b7833f613073e7c5eda4e1d249b947822d6ffdba10735685ff0825055cd2b4a8b376
Score 10/10
- Snake Keylogger Payload
- Executes dropped EXE
- Loads dropped DLL
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext