General
-
Target
SecuriteInfo.com.Win32.PWSX-gen.21070.24107.exe
-
Size
599KB
-
Sample
221128-ljrrgahb81
-
MD5
dde846fa9473a15681edb8e3c4bbfa7b
-
SHA1
34bc9ae36a7440e4e63dc990c2b0440290265f9c
-
SHA256
29865b75c412f1ac28c7d971b011806080c583640b0130bfe9603d35c5665fce
-
SHA512
8d7a5c74ac6689a41c5c26ce3b2d1e92c5621107d2a434976fbb4071cc2b9e40390c7cf2aebd8e3ccd9757f2045ad9500a0c89884acc30fa4cd99a00f906bfe5
-
SSDEEP
12288:qejc8pbKbf9BivJwgLYDNo0LqYMxHSqThW+:q/abK5I+9K0L7MNSqT
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.PWSX-gen.21070.24107.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.PWSX-gen.21070.24107.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Win32.PWSX-gen.21070.24107.exe
-
Size
599KB
-
MD5
dde846fa9473a15681edb8e3c4bbfa7b
-
SHA1
34bc9ae36a7440e4e63dc990c2b0440290265f9c
-
SHA256
29865b75c412f1ac28c7d971b011806080c583640b0130bfe9603d35c5665fce
-
SHA512
8d7a5c74ac6689a41c5c26ce3b2d1e92c5621107d2a434976fbb4071cc2b9e40390c7cf2aebd8e3ccd9757f2045ad9500a0c89884acc30fa4cd99a00f906bfe5
-
SSDEEP
12288:qejc8pbKbf9BivJwgLYDNo0LqYMxHSqThW+:q/abK5I+9K0L7MNSqT
Score10/10-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-