General
Target: SecuriteInfo.com.W32.AIDetectNet.01.1078.16812
Size: 581KB
Sample: 220704-e66qksgfh2
MD5: 6186c41cfd183aab48ca44a6e058ced2
SHA1: 7ba7c1333e9d7a179e6892732c13476d4dde4d48
SHA256: 10acea4691517c244ca81bd32f7dd6e0754f97b0870250a7c344a2fafb1e9754
SHA512: 9f662d86db758afeb195d05dfbfc427db110e3d801d0f55aedb4601c5e67185b46436445b5bf88db059cb9ea269ca799d4f3f8c3440cc866424b5b899a9dd5b9
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.W32.AIDetectNet.01.1078.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.W32.AIDetectNet.01.1078.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: mail.ckjksb.com
Port: 587
Username: chah@ckjksb.com
Password: 123@ckjksb456
Email To: goldencargologistic@gmail.com
Targets
Target: SecuriteInfo.com.W32.AIDetectNet.01.1078.16812
Score: 10/10

Snake Keylogger Payload

Accesses Microsoft Outlook profiles

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext