General
-
Target
Important document.js
-
Size
500KB
-
Sample
220706-ta2t3seebk
-
MD5
65844424ec024268d4fae0eed0ac3ae3
-
SHA1
0da1d25fef40ebfe9402e9cb9eece1a5910f8a4d
-
SHA256
921ea85f3c9d84dde8b418204182e995e6ee76d4e535040011ae3f2d38f0567a
-
SHA512
36399426a509ffe9c3efacedb7444118efe6b12b17d9ec95cb5a94844fd0f6842421370a3d0845452ee34a25d4763c0d2b54e6766041d6b30dc81b93847801b5
Static task
static1
Behavioral task
behavioral1
Sample
Important document.js
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Important document.js
Resource
win10v2004-20220414-en
Malware Config
Extracted
snakekeylogger
https://api.telegram.org/bot5586430366:AAFjeHBk7bdKMUv-eDHosbyPidpPJlQ0mrE/sendMessage?chat_id=1919487512
Targets
-
-
Target
Important document.js
-
Score
10/10
-
Snake Keylogger Payload
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-