snakekeylogger | maldito[.]bin | Triage

Sharing

General

Target

maldito.bin
Size

126KB
MD5

3a84d66a5dbbc89646cbf7a208501ef6
SHA1

6a422d34b9769188ecc15fc395fb3ab6f0d13593
SHA256

f80489ae836fee55bb01c367514bece083d6ea4d406cb58c9578bc42b7d24977
SHA512

f54723895386284105210b65fce3409d6fe664ec2d32925b646410bb3df1c0992cf8d3a3fa4bd9f6a91a53869cd06780b0583d19573c2cb7b7ed228a2c6e00fc
SSDEEP

1536:BMMPr4n8FsKfXFTw+j5KfT6jQu57Qjlnb/USR+uOF/PpapiOWBoxF0Kcl:BMMPr5sJ+j5KfTAUb8dZKwBoxFbY

Score

10^/10

snakekeylogger

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.keefort.com.ec
Port:
587
Username:
[email protected]
Password:
icui4cu2@@
Email To:
[email protected]

Signatures

Snake Keylogger payload 1 IoCs

resource	yara_rule
sample	family_snakekeylogger

Snakekeylogger family
snakekeylogger

Files

maldito.bin
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ