General
-
Target
221123_001,pdf.exe
-
Size
1.0MB
-
Sample
221123-n2al1sdc9x
-
MD5
74cc58960afedeb1b8c12ddbfe100f77
-
SHA1
3f58ce706e6d19057e508db6e6200274aeb28610
-
SHA256
258466dc375c4bd7bb02e0147f21e12fa80f512521a699db6509003b1068ccf8
-
SHA512
104449c1e5753d0e1e9ef3db83843ab9d05b1aa52a125fa8b97c68c89ef13b082f374bdacd7121db4f0ef01d34b65164481d6ea8431c3f84cc5e62fb042e78df
-
SSDEEP
24576:Agh/KQO8lkeBHXOgEFVTWAPvINANktvm9s2Dzc:jh/9WqhwVw62tvy
Static task
static1
Behavioral task
behavioral1
Sample
221123_001,pdf.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
221123_001,pdf.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
221123_001,pdf.exe
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-