General
Target
b851ffc3b37929c60b411f3374d25adc.exe
Size
127KB
Sample
220704-ja8mhshdf8
MD5
b851ffc3b37929c60b411f3374d25adc
SHA1
14f74e9ebe0e5ba22f2642f9c7f781399794b385
SHA256
9454840a8ae77a5b2de432b9ee2a3750f1800f22ba7e61f05df5a6f1a9418a90
SHA512
8ec9fc2a4c4efff23deb6e9b49246329221b91e0701240faaab338c4efd4490e7e042cb2c1e36f52c2f9ed9f57d970a1541368400df1b15b806f6a596baef880
Static task
static1
Behavioral task
behavioral1
Sample
b851ffc3b37929c60b411f3374d25adc.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
b851ffc3b37929c60b411f3374d25adc.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
snakekeylogger
Protocol: smtp
Host: shop8.frotalabs.com
Port: 587
Username: onye@omnitecnologia.com
Password: NEWTON@23
Email To: onye@omnitecnologia.com
Extracted
Protocol: smtp
Host: shop8.frotalabs.com
Port: 587
Username: onye@omnitecnologia.com
Password: NEWTON@23
Targets
Target
b851ffc3b37929c60b411f3374d25adc.exe
Score
10/10
Snake Keylogger Payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.