snakekeylogger | 316-63-0x0000000000400000-0x0000000000426000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

316-63-0x0000000000400000-0x0000000000426000-memory.dmp
Size

152KB
MD5

327fd4ab0bbbd830a874b6e3003cbe2b
SHA1

14f2cb00c3796b5723474788e2dc309fdd5d1f46
SHA256

a9841e6e4bbaadc0c1fbdcf2fdc9792b6879fa73a96b0eb7d14cf88de37eee74
SHA512

25681efe4e38b9fe7ec239e2f272fdaab9422d28b72a997e8d392a7b06daccf656a6204089be343678a357e65e679b8f5cb9ce10dc0caad7ccd51f142f8529f6
SSDEEP

1536:ZXCgr5esJmHsGj26hT1euStvcb/UR+IWO1mpiOWBn:ZXCK4sUsGj26hTIuIkb8eBwBn

Score

10^/10

snakekeylogger

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
mail.amcuplastic.com
Port:
587
Username:
[email protected]
Password:
Mair5779Jev.
Email To:
[email protected]

Signatures

Snake Keylogger payload 1 IoCs

resource	yara_rule
sample	family_snakekeylogger

Snakekeylogger family
snakekeylogger

Files

316-63-0x0000000000400000-0x0000000000426000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ