General
-
Target
pernyataan saat ini.exe
-
Size
833KB
-
Sample
220705-n7fp8aagf7
-
MD5
7f3032185c1bde5d53d1592b42fca421
-
SHA1
75cff93cd7d8aeb3b86f06fb803d8a0716bb6dd7
-
SHA256
5cb12cc6039cbaaa53b1ac85a88ce4afff061c700c86fe7bbf7b6b6a79755462
-
SHA512
6a0191d59224a164873e71bd65522424720a89641ed24ad5407c5621657b49ff6ce48a0c91dd8ad9af15ff75c620e67cbf2fdd20ed2ae692c7d9e3ee7162ce35
Static task
static1
Behavioral task
behavioral1
Sample
pernyataan saat ini.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
pernyataan saat ini.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot5273407003:AAG7ZG43PS1FZDrj0gADw0sr_lYis0K5EYU/sendMessage?chat_id=2028572980
Targets
-
Target
pernyataan saat ini.exe
-
Score
10/10
-
Snake Keylogger Payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-