snakekeylogger | 292-64-0x0000000000400000-0x0000000000426000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

292-64-0x0000000000400000-0x0000000000426000-memory.dmp
Size

152KB
MD5

1672ce267cf0d8de10279a77986d56bf
SHA1

8019c2d3b9a74b9267be34c1595fb5b8a9715cc8
SHA256

c4b81e7ed805a15027d0bc2693b8f67bec873a4d44fdededf3557402394d187c
SHA512

84d2f5e6b982392365d22be1d8c0f02085223863c3bde6000d8803b4aa898788121aa8da8064007d14cf00f031b9a229c6eed82b9732d599a70cf44d79d24a3f
SSDEEP

1536:OEIdLss3mKbFmrX03HZMMRkM7ZhsJb/UHf1c0+PK90SpiOWBP:OEIdwshFmrX03HGA7sb8/m0T20wBP

Score

10^/10

snakekeylogger

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.thapparels.com
Port:
26
Username:
[email protected]
Password:
Choie@@4228933455
Email To:
[email protected]

Signatures

Snake Keylogger payload 1 IoCs

resource	yara_rule
sample	family_snakekeylogger

Snakekeylogger family
snakekeylogger

Files

292-64-0x0000000000400000-0x0000000000426000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ