General
-
Target
087c76678dc2e340364a57194aa808ec.exe
-
Size
579KB
-
Sample
220704-wjkchaaedm
-
MD5
087c76678dc2e340364a57194aa808ec
-
SHA1
8ab9b005110c41be5c3c23b81f7702300c7f3e13
-
SHA256
82333a581887b69a67e85e98f80a40af27f774b10999fe92d202f4e36f5e1b57
-
SHA512
3682f04a4581427b1cd6e6fcd5bbf65cbc6c8a3b323e6913202429e76261f3d0e41825af6dbdc45254746c472a2143f279185851854f74d6bd362870961e03ce
Static task
static1
Behavioral task
behavioral1
Sample
087c76678dc2e340364a57194aa808ec.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
087c76678dc2e340364a57194aa808ec.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot5125489580:AAG9rJipU-Qp9bVmgyzvimlz5gpATRgg5qo/sendMessage?chat_id=5149913163
Targets
Target
087c76678dc2e340364a57194aa808ec.exe
Score
10/10
Snake Keylogger Payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-