General
-
Target
e2113d1238c6af86ae328bd4292d9fe031ae1a4b142686e392434160619da4fe
-
Size
709KB
-
Sample
220521-sebb9ahgf3
-
MD5
19224b2118f1930a9d5968ff3801ccce
-
SHA1
760f59844a791e9c17a558e172425ed64ea5d9b2
-
SHA256
e2113d1238c6af86ae328bd4292d9fe031ae1a4b142686e392434160619da4fe
-
SHA512
eba8a8d28e5c6bbbb851e4120d013227c413680923e1d33efe435701c6ac1133ba65a1d4785f8d470fbf498df5b2a1002508f71e37cedd5ae965806cc95b3fd5
Static task
static1
Behavioral task
behavioral1
Sample
e2113d1238c6af86ae328bd4292d9fe031ae1a4b142686e392434160619da4fe.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: samsung-tv.buzz
Port: 587
Username: greglog@samsung-tv.buzz
Password: 7213575aceACE@#$
Email To: greg@samsung-tv.buzz
Targets
-
Target
e2113d1238c6af86ae328bd4292d9fe031ae1a4b142686e392434160619da4fe
-
Score
10/10
-
Snake Keylogger Payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-