General
Target: 65ae88db2ccd8e9da11e275342dad8ed.exe
Size: 377KB
Sample: 220726-sklp6sagcr
MD5: 65ae88db2ccd8e9da11e275342dad8ed
SHA1: fb96dca05b9a6a683fb839682ee1a6c3c0532d93
SHA256: 311e354dee07f9889d3efcd5dc0b87db72d8c9055827068b45051aabafc7e380
SHA512: 7644f50ae641499c6d61a004a215b7374b9691d69e9e3fa53bb5fa4c5c43d0edca4c6ec9147889ae2b3476d3e5d12e12acce0fc45d848d80a3dacfa0ca43957b
Static task: static1
Behavioral task: behavioral1
Sample: 65ae88db2ccd8e9da11e275342dad8ed.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 65ae88db2ccd8e9da11e275342dad8ed.exe
Resource: win10v2004-20220721-en
Malware Config
Extracted
Family: snakekeylogger
Protocol: smtp
Host: mail.twinarrow.com.my
Port: 587
Username: [email protected]
Password: accountaccount123@
Email To: [email protected]
Targets
Detect PureCrypter loader

PureCrypter
PureCrypter is a loader which is intended for downloading and executing additional payloads.

Snake Keylogger payload

Accesses Microsoft Outlook profiles

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext