General
-
Target
6a9d3a6f928c5a2a9ab9abe269027f3b987045fbb30803dd431ae2f56d5f859c
-
Size
754KB
-
Sample
221129-wvhytaga4w
-
MD5
9aa82ff924fc3b345eba69d59327c235
-
SHA1
4a60c66a2d450b4ac234c0856e6898b043a12ba7
-
SHA256
6a9d3a6f928c5a2a9ab9abe269027f3b987045fbb30803dd431ae2f56d5f859c
-
SHA512
c85ec7653dc2239799c474575e9befd787b68de204d64214fac27c3303c8cfada06ae9cb5d57cfbe97d812d21974c71af35d65f5b820cc38f793c40317e9c37e
-
SSDEEP
12288:wOvT3qA420ld+PoGZS5mpw8AJF3KWtYMq/6H2SP4pyV9n:l3qA42YdehZSwpwBJF3fs6WSPd1
Static task
static1
Behavioral task
behavioral1
Sample
6a9d3a6f928c5a2a9ab9abe269027f3b987045fbb30803dd431ae2f56d5f859c.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
6a9d3a6f928c5a2a9ab9abe269027f3b987045fbb30803dd431ae2f56d5f859c
Score
10/10
-
Snake Keylogger payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-