snakekeylogger | 1448-66-0x0000000000400000-0x0000000000426000-memory[.]dmp | Triage

Sharing

General

Target

1448-66-0x0000000000400000-0x0000000000426000-memory.dmp
Size

152KB
MD5

0349090cc732676298ac6d5827754288
SHA1

214d30db8778b96f84e90312db386dd2f732722c
SHA256

fe13032357f81248ff2522cfd41c7970ebd3abb0a3d201a2626c13a86600c4ee
SHA512

fd2dd2c4dbc7dd07875ac3bdcf5f713e5e14619aab16c3d3102ede82c3c0a8a087bd27d747e9a8b4b981328ba51582a7f51a44350ee5907c9fd1abe1f4b1b16a
SSDEEP

1536:mJ38k7kHzCqJv/+4p+vBUFrlYYOKkn8YCbiWgQJqMFXZzAwuDyb/UpHo7VyjtQYw:mJ38hTB/+aOKVAGb8tHSawBI8

Score

10^/10

snakekeylogger

Malware Config

Extracted

Family

snakekeylogger

Credentials

Protocol: smtp
Host:
shivamdevansh.com
Port:
587
Username:
[email protected]
Password:
zI1-}Dg=4,B]72^%#

Signatures

Snake Keylogger payload 1 IoCs

resource	yara_rule
sample	family_snakekeylogger

Snakekeylogger family
snakekeylogger

Files

1448-66-0x0000000000400000-0x0000000000426000-memory.dmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ