General

  • Target

    1720-65-0x0000000000400000-0x000000000047C000-memory.dmp

  • Size

    496KB

  • Sample

    220923-g5zxrahcfm

  • MD5

    a7d4252bc83926c7ff21a44c25b3a862

  • SHA1

    9f4359a6b6d4c8e9271260dccef4bcc053397ba6

  • SHA256

    9ceb42607b3586aec25721bbbc916fda36b1141b0581279acdd34880b14c5990

  • SHA512

    f44f99cf79682a2b0507ff3830b6ab93d2ab374ec08912b971997e5df246e462c49d3204315565951b084d99a612e7890f821f84f5f9acdae282c152465d4db6

  • SSDEEP

    6144:FWaNqVNE3j73DSuYii6NTb5Hijz9y/2EbAVfOjU0nXgXLZF1uUpBHlK+XOOqz5NZ:Fo3E3HDei3oXA2jCXgXLz/HQOqzjW/N

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol: smtp
  • Host: cp5ua.hyperhost.ua
  • Port: 587
  • Username: arinzelog@steuler-kch.org
  • Password: 7213575aceACE@#$
  • Email To: arinze@steuler-kch.org

C2

https://api.telegram.org/bot5321688653:AAEI2yqGrOA_-sRZ3xaqutrexraSgFa0AnA/sendMessage?chat_id=5048077662
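
The extracted config above gives two exfiltration channels: an SMTP account on cp5ua.hyperhost.ua:587 and a Telegram Bot API sendMessage URL that embeds the bot token and the receiving chat_id. The following is an added example, not part of the sandbox report, showing how a detection engineer would turn that config into hunting indicators and run them over proxy and mail-gateway logs. The config values are copied from the report; the log lines, the log line format and the function names are constructed for this example. Matching is done on the shape of a Telegram bot URL (numeric bot id, colon, 35-character secret) rather than only on this sample's exact token, so other builds reporting to a different bot are still surfaced for review.

```python
"""IOC extraction and log matching for the extracted Snake Keylogger config.

Added example for this report page. Config values come from the report;
the log format and the sample log lines are constructed here.
"""
import re
from urllib.parse import parse_qs, urlparse

# Telegram bot tokens look like "<numeric bot id>:<35-char secret>". Matching on
# the shape catches other keylogger builds, not just this sample's token.
TELEGRAM_BOT_RE = re.compile(
    r"api\.telegram\.org/bot(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]{35})/(?P<method>\w+)"
)

# Extracted config exactly as the report lists it (the password is left out;
# it is not needed to detect the channel).
EXTRACTED_CONFIG = {
    "family": "snakekeylogger",
    "smtp": {
        "host": "cp5ua.hyperhost.ua",
        "port": 587,
        "username": "arinzelog@steuler-kch.org",
        "email_to": "arinze@steuler-kch.org",
    },
    "c2": "https://api.telegram.org/bot5321688653:AAEI2yqGrOA_-sRZ3xaqutrexraSgFa0AnA"
          "/sendMessage?chat_id=5048077662",
}


def parse_telegram_c2(url):
    """Split a Telegram Bot API exfil URL into bot id, secret, method and chat id."""
    m = TELEGRAM_BOT_RE.search(url)
    if not m:
        return None
    query = parse_qs(urlparse(url).query)
    return {
        "bot_id": m.group("bot_id"),
        "secret": m.group("secret"),
        "method": m.group("method"),
        "chat_id": query.get("chat_id", [None])[0],
    }


def build_iocs(config):
    """Derive hunting indicators from the extracted config."""
    tg = parse_telegram_c2(config["c2"])
    return {
        "smtp_host": config["smtp"]["host"],
        "smtp_port": config["smtp"]["port"],
        "smtp_username": config["smtp"]["username"],
        "telegram_bot_id": tg["bot_id"],
        "telegram_chat_id": tg["chat_id"],
    }


def scan_log(lines, iocs):
    """Return (line_no, reason) for lines that touch either exfil channel.

    Constructed line shape: '<timestamp> <src_ip> <proto> <dst_host>:<port> <detail>'.
    The full Telegram URL is only present in <detail> when the proxy inspects TLS;
    without that you only see a CONNECT to api.telegram.org:443.
    """
    hits = []
    for n, line in enumerate(lines, 1):
        parts = line.split(maxsplit=4)
        if len(parts) < 4:
            continue
        proto, dst = parts[2], parts[3]
        detail = parts[4] if len(parts) > 4 else ""
        host, _, port = dst.rpartition(":")
        if proto == "smtp" and host == iocs["smtp_host"] and port == str(iocs["smtp_port"]):
            hits.append((n, "smtp exfil host"))
            continue
        m = TELEGRAM_BOT_RE.search(detail)
        if m:
            if m.group("bot_id") == iocs["telegram_bot_id"]:
                hits.append((n, "known snakekeylogger telegram bot"))
            else:
                hits.append((n, "telegram bot api from endpoint (review)"))
    return hits


# Constructed sample log: lines 1 and 2 mimic this sample's exfil, line 3 is
# benign, line 4 is a different bot id with a placeholder token.
SAMPLE_LOG = [
    "2022-09-23T06:41:02Z 10.0.0.15 smtp cp5ua.hyperhost.ua:587 EHLO WIN-7KQ",
    "2022-09-23T06:41:05Z 10.0.0.15 https api.telegram.org:443 POST "
    "https://api.telegram.org/bot5321688653:AAEI2yqGrOA_-sRZ3xaqutrexraSgFa0AnA"
    "/sendMessage?chat_id=5048077662",
    "2022-09-23T06:42:10Z 10.0.0.22 https www.example.com:443 GET https://www.example.com/",
    "2022-09-23T06:43:00Z 10.0.0.31 https api.telegram.org:443 POST "
    "https://api.telegram.org/bot1234567890:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/sendDocument",
]

if __name__ == "__main__":
    iocs = build_iocs(EXTRACTED_CONFIG)
    for line_no, reason in scan_log(SAMPLE_LOG, iocs):
        print(f"line {line_no}: {reason}")
```

The bot id and chat_id are the stable parts to pivot on: the secret can be rotated by the operator, but the same chat keeps receiving stolen data. Outbound SMTP on port 587 from a workstation to a hosting-provider mail server is itself worth an alert on most networks, independent of the specific host.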

Targets

    • Target

      1720-65-0x0000000000400000-0x000000000047C000-memory.dmp

    • Size

      496KB

    • MD5

      a7d4252bc83926c7ff21a44c25b3a862

    • SHA1

      9f4359a6b6d4c8e9271260dccef4bcc053397ba6

    • SHA256

      9ceb42607b3586aec25721bbbc916fda36b1141b0581279acdd34880b14c5990

    • SHA512

      f44f99cf79682a2b0507ff3830b6ab93d2ab374ec08912b971997e5df246e462c49d3204315565951b084d99a612e7890f821f84f5f9acdae282c152465d4db6

    • SSDEEP

      6144:FWaNqVNE3j73DSuYii6NTb5Hijz9y/2EbAVfOjU0nXgXLZF1uUpBHlK+XOOqz5NZ:Fo3E3HDei3oXA2jCXgXLz/HQOqzjW/N

    Score
    1/10

MITRE ATT&CK Matrix

Tasks