General

  • Target

    1720-65-0x0000000000400000-0x000000000047C000-memory.dmp

  • Size

    496KB

  • MD5

    a7d4252bc83926c7ff21a44c25b3a862

  • SHA1

    9f4359a6b6d4c8e9271260dccef4bcc053397ba6

  • SHA256

    9ceb42607b3586aec25721bbbc916fda36b1141b0581279acdd34880b14c5990

  • SHA512

    f44f99cf79682a2b0507ff3830b6ab93d2ab374ec08912b971997e5df246e462c49d3204315565951b084d99a612e7890f821f84f5f9acdae282c152465d4db6

  • SSDEEP

    6144:FWaNqVNE3j73DSuYii6NTb5Hijz9y/2EbAVfOjU0nXgXLZF1uUpBHlK+XOOqz5NZ:Fo3E3HDei3oXA2jCXgXLz/HQOqzjW/N

Score
10/10

Malware Config

Extracted

Family

snakekeylogger

Credentials

  • Protocol:
    smtp
  • Host:
    cp5ua.hyperhost.ua
  • Port:
    587
  • Username:
    arinzelog@steuler-kch.org
  • Password:
    7213575aceACE@#$
  • Email To:
    arinze@steuler-kch.org

C2

https://api.telegram.org/bot5321688653:AAEI2yqGrOA_-sRZ3xaqutrexraSgFa0AnA/sendMessage?chat_id=5048077662
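The extracted config above shows the two exfiltration channels this Snake Keylogger sample carries: an SMTP account and a Telegram Bot API sendMessage URL. As an added example (not part of this report or the sandbox's own tooling), the Python below pulls those indicators out of a process memory dump: it carves printable strings in both ASCII and UTF-16LE (Snake Keylogger builds are .NET, so runtime strings live in memory as UTF-16LE), parses Telegram bot URLs into bot id, token, method and chat_id, lists e-mail addresses as candidate SMTP account/recipient values, and defangs the C2 URL for sharing. The dump bytes, bot token and addresses in the block are constructed for the example and are not the values from this report.

```python
"""Carve Telegram bot C2 and SMTP-related IoCs from a memory dump.

Added example, not part of the original report. Input, token and
addresses below are constructed for illustration.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Printable runs, like `strings -a` (ASCII) and `strings -el` (UTF-16LE).
PRINTABLE_ASCII = re.compile(rb"[\x20-\x7e]{6,}")
PRINTABLE_UTF16 = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")

# Telegram Bot API shape: https://api.telegram.org/bot<bot_id>:<token>/<method>?chat_id=<id>
TELEGRAM_RE = re.compile(
    r"https?://api\.telegram\.org/bot(?P<bot_id>\d+):(?P<token>[A-Za-z0-9_-]{30,45})"
    r"/(?P<method>[A-Za-z]+)(?:\?chat_id=(?P<chat_id>-?\d+))?"
)
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


@dataclass
class TelegramC2:
    bot_id: str
    token: str
    method: str
    chat_id: Optional[str]
    url: str


@dataclass
class Iocs:
    telegram: List[TelegramC2] = field(default_factory=list)
    emails: List[str] = field(default_factory=list)


def extract_strings(blob: bytes) -> List[str]:
    """Return printable runs decoded from ASCII first, then UTF-16LE."""
    out = [m.group().decode("ascii") for m in PRINTABLE_ASCII.finditer(blob)]
    out += [m.group().decode("utf-16-le") for m in PRINTABLE_UTF16.finditer(blob)]
    return out


def extract_iocs(blob: bytes) -> Iocs:
    """Parse Telegram bot URLs and e-mail addresses out of the carved strings."""
    iocs = Iocs()
    seen_tg, seen_mail = set(), set()
    for s in extract_strings(blob):
        for m in TELEGRAM_RE.finditer(s):
            key = (m["bot_id"], m["token"], m["chat_id"])
            if key not in seen_tg:
                seen_tg.add(key)
                iocs.telegram.append(
                    TelegramC2(m["bot_id"], m["token"], m["method"], m["chat_id"], m.group(0))
                )
        for e in EMAIL_RE.findall(s):
            if e not in seen_mail:
                seen_mail.add(e)
                iocs.emails.append(e)
    return iocs


def defang(url: str) -> str:
    """Defang a URL for safe sharing: http -> hxxp, dots in the host -> [.]"""
    scheme, rest = url.split("://", 1)
    host, _, path = rest.partition("/")
    return f"{scheme.replace('http', 'hxxp')}://{host.replace('.', '[.]')}/{path}"


# Constructed stand-in for a .NET process dump: a UTF-16LE Telegram URL, an ASCII
# address and a UTF-16LE address, separated by filler bytes. Token is fake.
SAMPLE_DUMP = (
    b"\x00" * 16
    + ("https://api.telegram.org/bot1234567890:AAFakeTokenForTheExample0123456789abcde"
       "/sendMessage?chat_id=987654321").encode("utf-16-le")
    + b"\xcc" * 8
    + b"victim-mailbox@example.test"
    + b"\xcc" * 8
    + "exfil-recipient@example.test".encode("utf-16-le")
    + b"\xcc" * 8
)


if __name__ == "__main__":
    found = extract_iocs(SAMPLE_DUMP)
    for c2 in found.telegram:
        print(f"telegram bot_id={c2.bot_id} chat_id={c2.chat_id} method={c2.method}")
        print(f"  url: {defang(c2.url)}")
    for addr in found.emails:
        print(f"email: {addr}")
```

api.telegram.org is a legitimate service, so the hostname alone is a poor block indicator; the bot id, token and chat_id are what identify this operator's channel and are the values worth sharing (defanged, as above) and reporting. Run the script against a real dump with `extract_iocs(open(path, "rb").read())`.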

Signatures

  • Snake Keylogger payload 1 IoCs
  • Snakekeylogger family

Files

  • 1720-65-0x0000000000400000-0x000000000047C000-memory.dmp
    .exe windows x86
