snakekeylogger | 1732-65-0x0000000000400000-0x0000000000426000-memory[.]dmp | Triage

Sharing

General

Target

1732-65-0x0000000000400000-0x0000000000426000-memory.dmp
Size

152KB
MD5

365e7c821a66cdd5cf9ac12b74d01fec
SHA1

676bec44ad06ac38951df857979d3ce608276033
SHA256

d0c5e6edceb36ba3408373feafae12a52ead00e2b17e7f1ebd1ec47a22aa04b8
SHA512

9ff3e109c0a74320d27c8d191f9dce323f0400a915ae07348682ea2ee6984db694268ecea1564b9200fe2e88ef6b08056431d9a62a80fdd445cce4d49f3524d7
SSDEEP

3072:PN86nMbwYZ4BylazN3tGLyh50/ERqb852YhcfBZ:HMbwcCN3taynMERqbP

Score

10^/10

snakekeylogger

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
host12.registrar-servers.com
Port:
587
Username:
[email protected]
Password:
paymentblessings@2022
Email To:
[email protected]

Signatures

Snake Keylogger payload 1 IoCs

resource	yara_rule
sample	family_snakekeylogger

Snakekeylogger family
snakekeylogger

Files

1732-65-0x0000000000400000-0x0000000000426000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ