snakekeylogger | 1756-67-0x0000000000400000-0x0000000000426000-memory[.]dmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1756-67-0x0000000000400000-0x0000000000426000-memory.dmp
Size

152KB
MD5

5a4c0bf3a851e69f6a204587f2c9fa3b
SHA1

7012cf5cf48955347c5e52a21407d4a5f62706c3
SHA256

6f015861da947ea95cf0c8cef70dba2ed6b99e0cea73c702c0cd29347afeffb9
SHA512

4bd7423e55b77a5d17a241a36ccf83a4961e7eef3619911eb62cf304c45d9ccd4dddb24fa27597b1e94bbba3bb87d62154b35e57e788252b7f3b05b8ae8178a8
SSDEEP

1536:I6qcDYVjsbRqqauDTw+nusQGT2232TyM/JPb/U6lIU3piOWBbvU5:I6qcCs4qTw+nu/GTCyMBPb8bU5wBrU

Score

10^/10

snakekeylogger

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
_dc-mx.ee3ce4811eb8.abybay.com
Port:
25
Username:
[email protected]
Password:
Engin@0900@
Email To:
[email protected]

Signatures

Snake Keylogger payload 1 IoCs

resource	yara_rule
sample	family_snakekeylogger

Snakekeylogger family
snakekeylogger

Files

1756-67-0x0000000000400000-0x0000000000426000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ